nosu
/
security-c4po
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
security-c4po/security-c4po-api/src/test/resources/collections/comments.json

99 lines
4.2 KiB
JSON
Raw Blame History

[{
"_id": {
"$oid": "6436992c28fc40394ae5b623"
},
"lastModified": {
"$date": "2023-04-12T11:42:36.694Z"
},
"data": {
"_id": "5514f0d3-7c80-4138-bf3e-56b515560f00",
"title": "OWASP Juice Shop Architecture",
"description": "In the frontend the popular Angular framework is used to create a so-called Single Page Application.\nJavaScript is also used in the backend as the exclusive programming language: An Express application hosted in a Node.js server delivers the client-side code to the browser. It also provides the necessary backend functionality to the client via a RESTful API.\nAs an underlying database a light-weight SQLite was chosen, because of its file-based nature. Sequelize and finale-rest are used as an abstraction layer from the database.\nAs an additional data store, a MarsDB is part of the OWASP Juice Shop.\nThe application also offers user registration via OAuth 2.0 so users can sign in with their Google accounts.",
"attachments": []
},
"_class": "com.securityc4po.api.pentest.comment.CommentEntity"
},{
"_id": {
"$oid": "64369e4428fc40394ae5b679"
},
"lastModified": {
"$date": "2023-04-12T12:04:20.039Z"
},
"data": {
"_id": "4a3be0f9-fc2a-4607-9996-c2a92ae5ccbc",
"title": "Test Scroll Feature here",
"description": "Try to make the info description scrollable without destroying the header.",
"attachments": []
},
"_class": "com.securityc4po.api.pentest.comment.CommentEntity"
},{
"_id": {
"$oid": "64369f2628fc40394ae5b68e"
},
"lastModified": {
"$date": "2023-04-12T12:08:06.156Z"
},
"data": {
"_id": "02491d86-5f8d-4574-9bac-4d21ae4a2040",
"title": "Wow",
"description": "What a test comment..",
"attachments": []
},
"_class": "com.securityc4po.api.pentest.comment.CommentEntity"
},{
"_id": {
"$oid": "64369f3b28fc40394ae5b68f"
},
"lastModified": {
"$date": "2023-04-12T12:08:27.939Z"
},
"data": {
"_id": "bd1b9a09-c8d4-4050-8930-b79e4e81d50d",
"title": "Amazing",
"description": "Wow!",
"attachments": []
},
"_class": "com.securityc4po.api.pentest.comment.CommentEntity"
},{
"_id": {
"$oid": "6440085a1f4ed15ba9666309"
},
"lastModified": {
"$date": "2023-04-19T15:27:22.756Z"
},
"data": {
"_id": "f4901f6b-6814-450c-8734-7ff1b3eed9b0",
"title": "Deprecated MIME Types",
"description": "When looking through the main.js file of the webserver we can search for \"allowedMimeType\" and get presented with the following:\n- application/pdf\n- application/xml\n- text/xml\n- application/zip\n- application/x-zip-compressed\n- multipart/x-zip\n\nEspecially the upload of xml files can result in a XXE Attack or in a RCE.",
"attachments": []
},
"_class": "com.securityc4po.api.pentest.comment.CommentEntity"
},{
"_id": {
"$oid": "644008e81f4ed15ba966630a"
},
"lastModified": {
"$date": "2023-04-19T15:29:44.718Z"
},
"data": {
"_id": "0dd84537-6be7-468f-a4ad-6cf30d8fb7dc",
"title": "Webserver Type",
"description": "When looking at \"Server\" property of the repsonse header we can see that the application is running on a Cowboy HTTP Server.",
"attachments": []
},
"_class": "com.securityc4po.api.pentest.comment.CommentEntity"
},{
"_id": {
"$oid": "645a23e989feac5618c3a83e"
},
"lastModified": {
"$date": "2023-05-09T10:43:53.712Z"
},
"data": {
"_id": "eb31f820-0f7b-4b70-98e2-ed8624d56824",
"title": "Juice Shop Application Structure",
"description": "In the frontend the popular Angular framework is used to create a so-called Single Page Application.\nJavaScript is also used in the backend as the exclusive programming language: An Express application hosted in a Node.js server delivers the client-side code to the browser. It also provides the necessary backend functionality to the client via a RESTful API.\nAs an underlying database a light-weight SQLite was chosen, because of its file-based nature. Sequelize and finale-rest are used as an abstraction layer from the database.\nAs an additional data store, a MarsDB is part of the OWASP Juice Shop.\nThe application also offers user registration via OAuth 2.0 so users can sign in with their Google accounts.",
"attachments": []
},
"_class": "com.securityc4po.api.pentest.comment.CommentEntity"
}]
Reference in New Issue View Git Blame Copy Permalink