├── .bowerrc ├── .editorconfig ├── .gitignore ├── .jscsrc ├── .jshintrc ├── README.md ├── attacker-app ├── .bowerrc ├── .editorconfig ├── .gitignore ├── .jscsrc ├── .jshintrc ├── README.md ├── bower.json ├── gulp.config.js ├── gulp.png ├── gulpfile.js ├── karma.conf.js ├── package.json └── src │ ├── client │ ├── app │ │ ├── app.module.js │ │ ├── blocks │ │ │ ├── exception │ │ │ │ ├── exception-handler.provider.js │ │ │ │ ├── exception-handler.provider.spec.js │ │ │ │ ├── exception.js │ │ │ │ └── exception.module.js │ │ │ ├── logger │ │ │ │ ├── logger.js │ │ │ │ └── logger.module.js │ │ │ └── router │ │ │ │ ├── router-helper.provider.js │ │ │ │ └── router.module.js │ │ ├── clickjacking-attack │ │ │ ├── clickjacking-attack.controller.js │ │ │ ├── clickjacking-attack.controller.spec.js │ │ │ ├── clickjacking-attack.html │ │ │ ├── clickjacking-attack.module.js │ │ │ ├── clickjacking-attack.route.js │ │ │ └── clickjacking-attack.route.spec.js │ │ ├── core │ │ │ ├── 404.html │ │ │ ├── config.js │ │ │ ├── constants.js │ │ │ ├── core.module.js │ │ │ ├── core.route.js │ │ │ ├── core.route.spec.js │ │ │ └── dataservice.js │ │ ├── csrf-attack │ │ │ ├── csrf-attack.controller.js │ │ │ ├── csrf-attack.controller.spec.js │ │ │ ├── csrf-attack.html │ │ │ ├── csrf-attack.module.js │ │ │ ├── csrf-attack.route.js │ │ │ └── csrf-attack.route.spec.js │ │ ├── dashboard │ │ │ ├── dashboard.controller.js │ │ │ ├── dashboard.controller.spec.js │ │ │ ├── dashboard.html │ │ │ ├── dashboard.module.js │ │ │ ├── dashboard.route.js │ │ │ └── dashboard.route.spec.js │ │ ├── layout │ │ │ ├── ht-sidebar.directive.js │ │ │ ├── ht-sidebar.directive.spec.js │ │ │ ├── ht-top-nav.directive.js │ │ │ ├── ht-top-nav.html │ │ │ ├── layout.module.js │ │ │ ├── shell.controller.js │ │ │ ├── shell.controller.spec.js │ │ │ ├── shell.html │ │ │ ├── sidebar.controller.js │ │ │ ├── sidebar.controller.spec.js │ │ │ └── sidebar.html │ │ └── widgets │ │ │ ├── ht-img-person.directive.js │ │ │ ├── ht-widget-header.directive.js │ │ │ ├── widget-header.html │ │ │ └── widgets.module.js │ ├── images │ │ ├── AngularJS-small.png │ │ ├── busy.gif │ │ ├── gulp-tiny.png │ │ └── icon.png │ ├── index.html │ ├── specs.html │ ├── styles │ │ └── styles.less │ └── test-helpers │ │ ├── bind-polyfill.js │ │ └── mock-data.js │ └── server │ ├── app.js │ ├── data.js │ ├── favicon.ico │ ├── routes.js │ └── utils │ └── 404.js ├── bower.json ├── gulp.config.js ├── gulp.png ├── gulpfile.js ├── karma.conf.js ├── package.json └── src ├── client ├── app │ ├── app.module.js │ ├── blocks │ │ ├── exception │ │ │ ├── exception-handler.provider.js │ │ │ ├── exception-handler.provider.spec.js │ │ │ ├── exception.js │ │ │ └── exception.module.js │ │ ├── logger │ │ │ ├── logger.js │ │ │ └── logger.module.js │ │ └── router │ │ │ ├── router-helper.provider.js │ │ │ └── router.module.js │ ├── clickjacking │ │ ├── clickjacking.controller.js │ │ ├── clickjacking.controller.spec.js │ │ ├── clickjacking.html │ │ ├── clickjacking.module.js │ │ ├── clickjacking.route.js │ │ └── clickjacking.route.spec.js │ ├── core │ │ ├── 404.html │ │ ├── config.js │ │ ├── constants.js │ │ ├── core.module.js │ │ ├── core.route.js │ │ ├── core.route.spec.js │ │ ├── dataservice.js │ │ └── user.service.js │ ├── csrf │ │ ├── csrf.controller.js │ │ ├── csrf.controller.spec.js │ │ ├── csrf.html │ │ ├── csrf.module.js │ │ ├── csrf.route.js │ │ └── csrf.route.spec.js │ ├── dashboard │ │ ├── dashboard.controller.js │ │ ├── dashboard.controller.spec.js │ │ ├── dashboard.html │ │ ├── dashboard.module.js │ │ ├── dashboard.route.js │ │ └── dashboard.route.spec.js │ ├── layout │ │ ├── ht-sidebar.directive.js │ │ ├── ht-sidebar.directive.spec.js │ │ ├── ht-top-nav.directive.js │ │ ├── ht-top-nav.html │ │ ├── layout.module.js │ │ ├── shell.controller.js │ │ ├── shell.controller.spec.js │ │ ├── shell.html │ │ ├── sidebar.controller.js │ │ ├── sidebar.controller.spec.js │ │ └── sidebar.html │ ├── widgets │ │ ├── ht-img-person.directive.js │ │ ├── ht-widget-header.directive.js │ │ ├── widget-header.html │ │ └── widgets.module.js │ └── xss-search │ │ ├── xss-search.controller.js │ │ ├── xss-search.controller.spec.js │ │ ├── xss-search.html │ │ ├── xss-search.module.js │ │ ├── xss-search.route.js │ │ └── xss-search.route.spec.js ├── images │ ├── AngularJS-small.png │ ├── busy.gif │ ├── gulp-tiny.png │ └── icon.png ├── index.html ├── specs.html ├── styles │ └── styles.less └── test-helpers │ ├── bind-polyfill.js │ └── mock-data.js └── server ├── app.js ├── data.js ├── favicon.ico ├── routes.js └── utils └── 404.js /.bowerrc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/.bowerrc -------------------------------------------------------------------------------- /.editorconfig: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/.editorconfig -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/.gitignore -------------------------------------------------------------------------------- /.jscsrc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/.jscsrc -------------------------------------------------------------------------------- /.jshintrc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/.jshintrc -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/README.md -------------------------------------------------------------------------------- /attacker-app/.bowerrc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/.bowerrc -------------------------------------------------------------------------------- /attacker-app/.editorconfig: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/.editorconfig -------------------------------------------------------------------------------- /attacker-app/.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/.gitignore -------------------------------------------------------------------------------- /attacker-app/.jscsrc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/.jscsrc -------------------------------------------------------------------------------- /attacker-app/.jshintrc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/.jshintrc -------------------------------------------------------------------------------- /attacker-app/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/README.md -------------------------------------------------------------------------------- /attacker-app/bower.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/bower.json -------------------------------------------------------------------------------- /attacker-app/gulp.config.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/gulp.config.js -------------------------------------------------------------------------------- /attacker-app/gulp.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/gulp.png -------------------------------------------------------------------------------- /attacker-app/gulpfile.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/gulpfile.js -------------------------------------------------------------------------------- /attacker-app/karma.conf.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/karma.conf.js -------------------------------------------------------------------------------- /attacker-app/package.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/package.json -------------------------------------------------------------------------------- /attacker-app/src/client/app/app.module.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/app/app.module.js -------------------------------------------------------------------------------- /attacker-app/src/client/app/blocks/exception/exception-handler.provider.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/app/blocks/exception/exception-handler.provider.js -------------------------------------------------------------------------------- /attacker-app/src/client/app/blocks/exception/exception-handler.provider.spec.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/app/blocks/exception/exception-handler.provider.spec.js -------------------------------------------------------------------------------- /attacker-app/src/client/app/blocks/exception/exception.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/app/blocks/exception/exception.js -------------------------------------------------------------------------------- /attacker-app/src/client/app/blocks/exception/exception.module.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/app/blocks/exception/exception.module.js -------------------------------------------------------------------------------- /attacker-app/src/client/app/blocks/logger/logger.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/app/blocks/logger/logger.js -------------------------------------------------------------------------------- /attacker-app/src/client/app/blocks/logger/logger.module.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/app/blocks/logger/logger.module.js -------------------------------------------------------------------------------- /attacker-app/src/client/app/blocks/router/router-helper.provider.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/app/blocks/router/router-helper.provider.js -------------------------------------------------------------------------------- /attacker-app/src/client/app/blocks/router/router.module.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/app/blocks/router/router.module.js -------------------------------------------------------------------------------- /attacker-app/src/client/app/clickjacking-attack/clickjacking-attack.controller.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/app/clickjacking-attack/clickjacking-attack.controller.js -------------------------------------------------------------------------------- /attacker-app/src/client/app/clickjacking-attack/clickjacking-attack.controller.spec.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/app/clickjacking-attack/clickjacking-attack.controller.spec.js -------------------------------------------------------------------------------- /attacker-app/src/client/app/clickjacking-attack/clickjacking-attack.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/app/clickjacking-attack/clickjacking-attack.html -------------------------------------------------------------------------------- /attacker-app/src/client/app/clickjacking-attack/clickjacking-attack.module.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/app/clickjacking-attack/clickjacking-attack.module.js -------------------------------------------------------------------------------- /attacker-app/src/client/app/clickjacking-attack/clickjacking-attack.route.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/app/clickjacking-attack/clickjacking-attack.route.js -------------------------------------------------------------------------------- /attacker-app/src/client/app/clickjacking-attack/clickjacking-attack.route.spec.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/app/clickjacking-attack/clickjacking-attack.route.spec.js -------------------------------------------------------------------------------- /attacker-app/src/client/app/core/404.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/app/core/404.html -------------------------------------------------------------------------------- /attacker-app/src/client/app/core/config.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/app/core/config.js -------------------------------------------------------------------------------- /attacker-app/src/client/app/core/constants.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/app/core/constants.js -------------------------------------------------------------------------------- /attacker-app/src/client/app/core/core.module.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/app/core/core.module.js -------------------------------------------------------------------------------- /attacker-app/src/client/app/core/core.route.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/app/core/core.route.js -------------------------------------------------------------------------------- /attacker-app/src/client/app/core/core.route.spec.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/app/core/core.route.spec.js -------------------------------------------------------------------------------- /attacker-app/src/client/app/core/dataservice.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/app/core/dataservice.js -------------------------------------------------------------------------------- /attacker-app/src/client/app/csrf-attack/csrf-attack.controller.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/app/csrf-attack/csrf-attack.controller.js -------------------------------------------------------------------------------- /attacker-app/src/client/app/csrf-attack/csrf-attack.controller.spec.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/app/csrf-attack/csrf-attack.controller.spec.js -------------------------------------------------------------------------------- /attacker-app/src/client/app/csrf-attack/csrf-attack.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/app/csrf-attack/csrf-attack.html -------------------------------------------------------------------------------- /attacker-app/src/client/app/csrf-attack/csrf-attack.module.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/app/csrf-attack/csrf-attack.module.js -------------------------------------------------------------------------------- /attacker-app/src/client/app/csrf-attack/csrf-attack.route.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/app/csrf-attack/csrf-attack.route.js -------------------------------------------------------------------------------- /attacker-app/src/client/app/csrf-attack/csrf-attack.route.spec.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/app/csrf-attack/csrf-attack.route.spec.js -------------------------------------------------------------------------------- /attacker-app/src/client/app/dashboard/dashboard.controller.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/app/dashboard/dashboard.controller.js -------------------------------------------------------------------------------- /attacker-app/src/client/app/dashboard/dashboard.controller.spec.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/app/dashboard/dashboard.controller.spec.js -------------------------------------------------------------------------------- /attacker-app/src/client/app/dashboard/dashboard.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/app/dashboard/dashboard.html -------------------------------------------------------------------------------- /attacker-app/src/client/app/dashboard/dashboard.module.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/app/dashboard/dashboard.module.js -------------------------------------------------------------------------------- /attacker-app/src/client/app/dashboard/dashboard.route.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/app/dashboard/dashboard.route.js -------------------------------------------------------------------------------- /attacker-app/src/client/app/dashboard/dashboard.route.spec.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/app/dashboard/dashboard.route.spec.js -------------------------------------------------------------------------------- /attacker-app/src/client/app/layout/ht-sidebar.directive.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/app/layout/ht-sidebar.directive.js -------------------------------------------------------------------------------- /attacker-app/src/client/app/layout/ht-sidebar.directive.spec.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/app/layout/ht-sidebar.directive.spec.js -------------------------------------------------------------------------------- /attacker-app/src/client/app/layout/ht-top-nav.directive.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/app/layout/ht-top-nav.directive.js -------------------------------------------------------------------------------- /attacker-app/src/client/app/layout/ht-top-nav.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/app/layout/ht-top-nav.html -------------------------------------------------------------------------------- /attacker-app/src/client/app/layout/layout.module.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/app/layout/layout.module.js -------------------------------------------------------------------------------- /attacker-app/src/client/app/layout/shell.controller.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/app/layout/shell.controller.js -------------------------------------------------------------------------------- /attacker-app/src/client/app/layout/shell.controller.spec.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/app/layout/shell.controller.spec.js -------------------------------------------------------------------------------- /attacker-app/src/client/app/layout/shell.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/app/layout/shell.html -------------------------------------------------------------------------------- /attacker-app/src/client/app/layout/sidebar.controller.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/app/layout/sidebar.controller.js -------------------------------------------------------------------------------- /attacker-app/src/client/app/layout/sidebar.controller.spec.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/app/layout/sidebar.controller.spec.js -------------------------------------------------------------------------------- /attacker-app/src/client/app/layout/sidebar.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/app/layout/sidebar.html -------------------------------------------------------------------------------- /attacker-app/src/client/app/widgets/ht-img-person.directive.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/app/widgets/ht-img-person.directive.js -------------------------------------------------------------------------------- /attacker-app/src/client/app/widgets/ht-widget-header.directive.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/app/widgets/ht-widget-header.directive.js -------------------------------------------------------------------------------- /attacker-app/src/client/app/widgets/widget-header.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/app/widgets/widget-header.html -------------------------------------------------------------------------------- /attacker-app/src/client/app/widgets/widgets.module.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/app/widgets/widgets.module.js -------------------------------------------------------------------------------- /attacker-app/src/client/images/AngularJS-small.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/images/AngularJS-small.png -------------------------------------------------------------------------------- /attacker-app/src/client/images/busy.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/images/busy.gif -------------------------------------------------------------------------------- /attacker-app/src/client/images/gulp-tiny.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/images/gulp-tiny.png -------------------------------------------------------------------------------- /attacker-app/src/client/images/icon.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/images/icon.png -------------------------------------------------------------------------------- /attacker-app/src/client/index.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/index.html -------------------------------------------------------------------------------- /attacker-app/src/client/specs.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/specs.html -------------------------------------------------------------------------------- /attacker-app/src/client/styles/styles.less: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/styles/styles.less -------------------------------------------------------------------------------- /attacker-app/src/client/test-helpers/bind-polyfill.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/test-helpers/bind-polyfill.js -------------------------------------------------------------------------------- /attacker-app/src/client/test-helpers/mock-data.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/client/test-helpers/mock-data.js -------------------------------------------------------------------------------- /attacker-app/src/server/app.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/server/app.js -------------------------------------------------------------------------------- /attacker-app/src/server/data.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/server/data.js -------------------------------------------------------------------------------- /attacker-app/src/server/favicon.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/server/favicon.ico -------------------------------------------------------------------------------- /attacker-app/src/server/routes.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/server/routes.js -------------------------------------------------------------------------------- /attacker-app/src/server/utils/404.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/attacker-app/src/server/utils/404.js -------------------------------------------------------------------------------- /bower.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/bower.json -------------------------------------------------------------------------------- /gulp.config.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/gulp.config.js -------------------------------------------------------------------------------- /gulp.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/gulp.png -------------------------------------------------------------------------------- /gulpfile.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/gulpfile.js -------------------------------------------------------------------------------- /karma.conf.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/karma.conf.js -------------------------------------------------------------------------------- /package.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/package.json -------------------------------------------------------------------------------- /src/client/app/app.module.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/app.module.js -------------------------------------------------------------------------------- /src/client/app/blocks/exception/exception-handler.provider.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/blocks/exception/exception-handler.provider.js -------------------------------------------------------------------------------- /src/client/app/blocks/exception/exception-handler.provider.spec.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/blocks/exception/exception-handler.provider.spec.js -------------------------------------------------------------------------------- /src/client/app/blocks/exception/exception.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/blocks/exception/exception.js -------------------------------------------------------------------------------- /src/client/app/blocks/exception/exception.module.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/blocks/exception/exception.module.js -------------------------------------------------------------------------------- /src/client/app/blocks/logger/logger.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/blocks/logger/logger.js -------------------------------------------------------------------------------- /src/client/app/blocks/logger/logger.module.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/blocks/logger/logger.module.js -------------------------------------------------------------------------------- /src/client/app/blocks/router/router-helper.provider.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/blocks/router/router-helper.provider.js -------------------------------------------------------------------------------- /src/client/app/blocks/router/router.module.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/blocks/router/router.module.js -------------------------------------------------------------------------------- /src/client/app/clickjacking/clickjacking.controller.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/clickjacking/clickjacking.controller.js -------------------------------------------------------------------------------- /src/client/app/clickjacking/clickjacking.controller.spec.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/clickjacking/clickjacking.controller.spec.js -------------------------------------------------------------------------------- /src/client/app/clickjacking/clickjacking.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/clickjacking/clickjacking.html -------------------------------------------------------------------------------- /src/client/app/clickjacking/clickjacking.module.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/clickjacking/clickjacking.module.js -------------------------------------------------------------------------------- /src/client/app/clickjacking/clickjacking.route.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/clickjacking/clickjacking.route.js -------------------------------------------------------------------------------- /src/client/app/clickjacking/clickjacking.route.spec.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/clickjacking/clickjacking.route.spec.js -------------------------------------------------------------------------------- /src/client/app/core/404.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/core/404.html -------------------------------------------------------------------------------- /src/client/app/core/config.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/core/config.js -------------------------------------------------------------------------------- /src/client/app/core/constants.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/core/constants.js -------------------------------------------------------------------------------- /src/client/app/core/core.module.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/core/core.module.js -------------------------------------------------------------------------------- /src/client/app/core/core.route.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/core/core.route.js -------------------------------------------------------------------------------- /src/client/app/core/core.route.spec.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/core/core.route.spec.js -------------------------------------------------------------------------------- /src/client/app/core/dataservice.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/core/dataservice.js -------------------------------------------------------------------------------- /src/client/app/core/user.service.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/core/user.service.js -------------------------------------------------------------------------------- /src/client/app/csrf/csrf.controller.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/csrf/csrf.controller.js -------------------------------------------------------------------------------- /src/client/app/csrf/csrf.controller.spec.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/csrf/csrf.controller.spec.js -------------------------------------------------------------------------------- /src/client/app/csrf/csrf.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/csrf/csrf.html -------------------------------------------------------------------------------- /src/client/app/csrf/csrf.module.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/csrf/csrf.module.js -------------------------------------------------------------------------------- /src/client/app/csrf/csrf.route.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/csrf/csrf.route.js -------------------------------------------------------------------------------- /src/client/app/csrf/csrf.route.spec.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/csrf/csrf.route.spec.js -------------------------------------------------------------------------------- /src/client/app/dashboard/dashboard.controller.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/dashboard/dashboard.controller.js -------------------------------------------------------------------------------- /src/client/app/dashboard/dashboard.controller.spec.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/dashboard/dashboard.controller.spec.js -------------------------------------------------------------------------------- /src/client/app/dashboard/dashboard.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/dashboard/dashboard.html -------------------------------------------------------------------------------- /src/client/app/dashboard/dashboard.module.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/dashboard/dashboard.module.js -------------------------------------------------------------------------------- /src/client/app/dashboard/dashboard.route.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/dashboard/dashboard.route.js -------------------------------------------------------------------------------- /src/client/app/dashboard/dashboard.route.spec.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/dashboard/dashboard.route.spec.js -------------------------------------------------------------------------------- /src/client/app/layout/ht-sidebar.directive.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/layout/ht-sidebar.directive.js -------------------------------------------------------------------------------- /src/client/app/layout/ht-sidebar.directive.spec.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/layout/ht-sidebar.directive.spec.js -------------------------------------------------------------------------------- /src/client/app/layout/ht-top-nav.directive.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/layout/ht-top-nav.directive.js -------------------------------------------------------------------------------- /src/client/app/layout/ht-top-nav.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/layout/ht-top-nav.html -------------------------------------------------------------------------------- /src/client/app/layout/layout.module.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/layout/layout.module.js -------------------------------------------------------------------------------- /src/client/app/layout/shell.controller.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/layout/shell.controller.js -------------------------------------------------------------------------------- /src/client/app/layout/shell.controller.spec.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/layout/shell.controller.spec.js -------------------------------------------------------------------------------- /src/client/app/layout/shell.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/layout/shell.html -------------------------------------------------------------------------------- /src/client/app/layout/sidebar.controller.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/layout/sidebar.controller.js -------------------------------------------------------------------------------- /src/client/app/layout/sidebar.controller.spec.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/layout/sidebar.controller.spec.js -------------------------------------------------------------------------------- /src/client/app/layout/sidebar.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/layout/sidebar.html -------------------------------------------------------------------------------- /src/client/app/widgets/ht-img-person.directive.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/widgets/ht-img-person.directive.js -------------------------------------------------------------------------------- /src/client/app/widgets/ht-widget-header.directive.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/widgets/ht-widget-header.directive.js -------------------------------------------------------------------------------- /src/client/app/widgets/widget-header.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/widgets/widget-header.html -------------------------------------------------------------------------------- /src/client/app/widgets/widgets.module.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/widgets/widgets.module.js -------------------------------------------------------------------------------- /src/client/app/xss-search/xss-search.controller.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/xss-search/xss-search.controller.js -------------------------------------------------------------------------------- /src/client/app/xss-search/xss-search.controller.spec.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/xss-search/xss-search.controller.spec.js -------------------------------------------------------------------------------- /src/client/app/xss-search/xss-search.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/xss-search/xss-search.html -------------------------------------------------------------------------------- /src/client/app/xss-search/xss-search.module.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/xss-search/xss-search.module.js -------------------------------------------------------------------------------- /src/client/app/xss-search/xss-search.route.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/xss-search/xss-search.route.js -------------------------------------------------------------------------------- /src/client/app/xss-search/xss-search.route.spec.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/app/xss-search/xss-search.route.spec.js -------------------------------------------------------------------------------- /src/client/images/AngularJS-small.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/images/AngularJS-small.png -------------------------------------------------------------------------------- /src/client/images/busy.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/images/busy.gif -------------------------------------------------------------------------------- /src/client/images/gulp-tiny.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/images/gulp-tiny.png -------------------------------------------------------------------------------- /src/client/images/icon.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/images/icon.png -------------------------------------------------------------------------------- /src/client/index.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/index.html -------------------------------------------------------------------------------- /src/client/specs.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/specs.html -------------------------------------------------------------------------------- /src/client/styles/styles.less: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/styles/styles.less -------------------------------------------------------------------------------- /src/client/test-helpers/bind-polyfill.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/test-helpers/bind-polyfill.js -------------------------------------------------------------------------------- /src/client/test-helpers/mock-data.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/client/test-helpers/mock-data.js -------------------------------------------------------------------------------- /src/server/app.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/server/app.js -------------------------------------------------------------------------------- /src/server/data.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/server/data.js -------------------------------------------------------------------------------- /src/server/favicon.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/server/favicon.ico -------------------------------------------------------------------------------- /src/server/routes.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/server/routes.js -------------------------------------------------------------------------------- /src/server/utils/404.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/clarkio/vulnerable-app/HEAD/src/server/utils/404.js --------------------------------------------------------------------------------