You must signin to visit the website
Capture The Flag !!!
Taking inpiration from Juice-shop and Hack-the-box, this application will allow users to practise their skills on a vulnerable web-app. I plan to implement a subset of the OWASP top-ten vulnerabilities alsongside some non-web secuirty stuff that I haven't figured out yet.
What makes it different than a CRUD app? I.e., what functionality does it provide that is not just a user interface layer on top of a database of user information,and the ability to view / add to / change that information?
This app would be significantly different from a CRUD app because it main functionality is centered around finding vulnerabilities in the application. The program will however maintain a score board which be utilizing the CRUD functionality to store the user progress through the challenges
What security and privacy concerns do you expect you (as developers) or your users to have with this application?
the main concern would be that users shouldn't be able to find vulnerabilites besides ones which are intentially put there. Vulnerabilites which can help game the scoring system would important to address.
This repository has a package.json that functions as a blank shell that gets full credit if you turn it in to the gradescope autograder. We will not be using the autograder in any way to actually evaluate your project, it is just there to keep track of your initial submission.
We recommend that you use this repository for your final project code. This will allow you to ask questions on Piazza and get help from the TAs and instructors. Adding a real linter, type checker, etc, based on our other examples would be a good idea.