@contrast/loopback-test-bench

3.15.0 • Public • Published

@contrast/loopback-test-bench

An intentionally vulnerable loopback application.

Running Locally

Make sure you have Node.js installed or install a version of Node from nvm.

git clone https://github.com/Contrast-Security-OSS/NodeTestBenches.git # or clone your own fork
cd NodeTestBenches/loopback
npm install
npm start

Your app should now be running on localhost:3000.

Running with Contrast

Installation

See our documentation for installation instructions.

After installation, the agent can be run with npm run contrast. For more information on configuration and which technologies the agent supports, see our documentation.

Adding a shared vulnerability

Once you have added shared functionality to @contrast/test-bench-utils, you are ready to add an endpoint in the test bench application.

Create a server/boot/ruleName.js file and call the controllerFactory method:

'use strict';

const controllerFactory = require('../utils/controllerFactory');

module.exports = controllerFactory('ruleName');

Check the documentation for controllerFactory under server/utils/controllerFactory.js usage information.

Add a server/views/pages/ruleName.ejs file that includes the shared template from @contrast/test-bench-utils:

<% include ../../../node_modules/@contrast/test-bench-utils/public/views/ruleName.ejs %>

Now run the app and make sure everything works as expected!

Readme

Keywords

none

Package Sidebar

Install

npm i @contrast/loopback-test-bench

Weekly Downloads

0

Version

3.15.0

License

UNLICENSED

Unpacked Size

22.4 kB

Total Files

74

Last publish

Collaborators

  • planetlevel
  • contrastsec
  • tough-griff
  • annettenugent
  • michaelwitz
  • chrisdunne
  • contrast_admin
  • jcolekaplan
  • bmacnaughton