GitHub

Hello!

Hey Chris!

A protect by design demo application, initially based on Ben Hassine's TodoMVC, and protected by Cloud One Application Security.

The goal of this application is to demonstrate through example how to find, exploit and fix vulnerable Maven packages.

This repo is still incomplete, a work in progress to support related presentations.

(from the original README)

Note that to run locally, you need JDK 8.

Check out the project source code from github : git clone https://github.com/snyk/java-goof.git
Open a terminal and run the following command from root directory : mvn install
Choose a web framework to test and run it. For example : cd todolist-web-struts && mvn tomcat7:run (note: this example currently only copied the Struts demo)
Browse the following URL : localhost:8080/
You can register a new account or login using the following credentials : [email protected] / foobar

docker-compose up --build
docker-compose down

This repo is available released under the MIT License.

Name		Name	Last commit message	Last commit date
Latest commit History 4 Commits
exploits		exploits
out/production/localhost		out/production/localhost
src		src
todolist-core		todolist-core
todolist-web-common		todolist-web-common
todolist-web-struts		todolist-web-struts
Dockerfile		Dockerfile
Procfile		Procfile
README.md		README.md
cert.pem		cert.pem
deployment.yaml		deployment.yaml
docker-compose.yml		docker-compose.yml
key.pem		key.pem
pom.xml		pom.xml
trend_app_protect-4.2.0.jar		trend_app_protect-4.2.0.jar
trend_app_protect.properties		trend_app_protect.properties