GithubHelp home page GithubHelp logo

Logo

GitHub package.json version GitHub Workflow Status GitHub GitHub repo size Docker Image Size (latest by date) GitHub contributors GitHub commit activity

Why?

If you try to learn a little bit more about crypto, either because you want to know how the attacks work or just because you want to do safe code, you end up diving really fast into the math behind the algorithms, and for a lot of people this is a NO.

This project was created with some key points in mind:

  • Real world examples of the crypto attack vectors
  • No need to write code to exploit a vulnerability that you are still trying to understand
  • No challenge without a solution
  • Dead simple documentation. No complex math, no complex formulas. Good old english
  • A common place to test different attack vectors
  • Make easy for everyone to understand crypto, attacks and preventions.
  • Go straight to the point, the challenges are no brain teasers, just a scenario with a crypto vuln.

Build

(Make sure you have node installed)

npm install -g yarn

# This will install necessary dependencies
# (in frontend and backend)
yarn run build-with-deps

# In case you already have dependencies 
# or want to install them manually you can build it with:
# yarn run build

Run

yarn run start

You can change the port with an environment variable:

PORT=4000 yarn run start

Docker

From DockerHub

You can download the latest docker image with:

docker pull damnvulnerablecryptoapp1/damnvulnerablecryptoapp

Build

If you prefer to build the docker image yourself run:

npm install -g yarn

yarn build:docker
# or just:
# docker build -t dvca .

Run

By default port 4000 is being exported, So you can map it to your own port:

docker run -p 4000:4000 -t dvca

Developing

If you want to to develop new features, or just run without building the app you can start by installing dependencies with:

# installs deps  both for FE and BE
yarn run install-deps

Then you need to run independently the frontend and the backend apps.

Backend

cd backend 
yarn start:dev

if you want to change the port (default is 4000) you can set an environment variable:

PORT=3000 yarn start

If you changed the server port you need to specify it when booting the frontend, again, as an environment variable:

REACT_APP_SERVER_PORT=5000 yarn start

Frontend

cd frontend
yarn start

Documentation

You can find project's documentation on github wiki

Some other nice projects crypto related

License

DamnVulnerableCryptoApp is MIT licensed

Screenshots

printscreen1 printscreen2 printscreen3 printscreen4

Damn Vulnerable Crypto App's Projects

damnvulnerablecryptoapp icon damnvulnerablecryptoapp

An app with really insecure crypto. To be used to see/test/exploit weak cryptographic implementations as well as to learn a little bit more about crypto, without the need to dive deep into the math behind it

hashpump icon hashpump

A tool to exploit the hash length extension attack in various hashing algorithms

hlextend icon hlextend

Pure Python hash length extension module

padding-oracle-attacker icon padding-oracle-attacker

🔓 CLI tool and library to execute padding oracle attacks easily, with support for concurrent network requests and an elegant UI.

trufflehog icon trufflehog

Searches through git repositories for high entropy strings and secrets, digging deep into commit history

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.