Demo Blog Site

This site is purposly built to be bad to test your security tooling!

What's in here?

Hugo website running a basic website

Vulnerabilites

Docker Image

Alpline Linux 3.18 which contains numerous CVEs

Python App

Requests containing CVEs (CVE-2018-18074, CVE-2023-32681 and CVE-2024-35195)

NodeJS App

Express which contains transient dependencies:

CVE-2024-29041 [High]
Lodash:

CVE-2020-28500 [High]

CVE-2020-8203 [Critical]

CVE-2021-23337 [Critical]

NSWG-ECO-516 [Critical]

Personal Data

There are different types of PII that can be used to validate your security tool is able to perform data security.

Credit cards:
- Visa
- Mastercard
- Amex
PII - Names and email addresses

Secrets

Mock AWS IAM keys

Name		Name	Last commit message	Last commit date
Latest commit History 80 Commits
.github/workflows		.github/workflows
helm/ifunky-secsite		helm/ifunky-secsite
manifests		manifests
people_info		people_info
web_app_posts		web_app_posts
web_helper_scripts		web_helper_scripts
www		www
.gitignore		.gitignore
.wiz		.wiz
Dockerfile		Dockerfile
Makefile		Makefile
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Repository files navigation

Demo Blog Site

What's in here?

Vulnerabilites

Docker Image

Python App

NodeJS App

Personal Data

Secrets

About

Uh oh!

Releases

Packages

Uh oh!

Languages

ifunky/demo-site

Folders and files

Latest commit

History

Repository files navigation

Demo Blog Site

What's in here?

Vulnerabilites

Docker Image

Python App

NodeJS App

Personal Data

Secrets

About

Topics

Resources

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Uh oh!

Languages

Packages