Remediation Demo

A flask app with SQL injection and leaked passwords to be used for remediation demo.

SQL injection

curl "http://127.0.0.1:5000/users?name='%20OR%20'1'='1"

Leaking passwords

http://127.0.0.1:5000/.env

curl http://127.0.0.1:5000/.env
wget http://127.0.0.1:5000/.env

Local Setup

nightvision app create -n remediation-demo
nightvision target create -n remediation-demo -u http://127.0.0.1:5000 --type api
nightvision swagger extract ./ -t remediation-demo --lang python 
pip install -r requirements.txt
python app.py
nightvision scan -t remediation-demo -a remediation-demo

Name		Name	Last commit message	Last commit date
Latest commit History 28 Commits
.github/workflows		.github/workflows
.gitignore		.gitignore
.nvexcavator		.nvexcavator
Dockerfile		Dockerfile
LICENSE		LICENSE
README.md		README.md
app.py		app.py
backup-openapi-spec.yml		backup-openapi-spec.yml
backup-results.sarif		backup-results.sarif
check-endpoint.sh		check-endpoint.sh
docker-compose.yml		docker-compose.yml
requirements.txt		requirements.txt
run_scan		run_scan

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Remediation Demo

SQL injection

Leaking passwords

Local Setup

About

Releases

Packages

Languages

License

alex-nightvision/remediation-demo

Folders and files

Latest commit

History

Repository files navigation

Remediation Demo

SQL injection

Leaking passwords

Local Setup

About

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages