Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details

logicalhacking / Dvhma

Licence: apache-2.0

Damn Vulnerable Hybrid Mobile App (DVHMA) is an hybrid mobile app (for Android) that intentionally contains vulnerabilities.

Programming Languages

javascript

184084 projects - #8 most used programming language

Labels

android cordova vulnerability

Projects that are alternatives of or similar to Dvhma

Zeebsploit

web scanner - exploitation - information gathering

Stars: ✭ 159 (-11.67%)

Mutual labels: vulnerability

Cordova Ios

Apache Cordova iOS

Stars: ✭ 2,031 (+1028.33%)

Mutual labels: cordova

Icongenie

CLI tool to generate all the icons and splashscreens for your Quasar Apps

Stars: ✭ 174 (-3.33%)

Mutual labels: cordova

Vulscan

Advanced vulnerability scanning with Nmap NSE

Stars: ✭ 2,305 (+1180.56%)

Mutual labels: vulnerability

Javalearnvulnerability

Java漏洞学习笔记 Deserialization Vulnerability

Stars: ✭ 160 (-11.11%)

Mutual labels: vulnerability

Cordova App Hello World

Apache Cordova Template App

Stars: ✭ 170 (-5.56%)

Mutual labels: cordova

Hacker101

Source code for Hacker101.com - a free online web and mobile security class.

Stars: ✭ 12,246 (+6703.33%)

Mutual labels: vulnerability

Adapt

ADAPT is a tool that performs automated Penetration Testing for WebApps.

Stars: ✭ 179 (-0.56%)

Mutual labels: vulnerability

Vue Objccn

🔥 Use Vue.js to develop a cross-platform full stack application / 用 Vue.js 开发的跨三端应用

Stars: ✭ 1,993 (+1007.22%)

Mutual labels: cordova

Godnslog

An exquisite dns&http log server for verify SSRF/XXE/RFI/RCE vulnerability

Stars: ✭ 172 (-4.44%)

Mutual labels: vulnerability

Cordova Plugin Keyboard

Keyboard Plugin for Cordova

Stars: ✭ 166 (-7.78%)

Mutual labels: cordova

Cordova Create React App

A tutorial on how to set up a Cordova project using Create React App.

Stars: ✭ 167 (-7.22%)

Mutual labels: cordova

Cve Check Tool

Original Automated CVE Checking Tool

Stars: ✭ 172 (-4.44%)

Mutual labels: vulnerability

Vulnix

Vulnerability (CVE) scanner for Nix/NixOS.

Stars: ✭ 161 (-10.56%)

Mutual labels: vulnerability

Vue Movie

基于vue2.0构建的在线电影网【film】，webpack+vue+vuex+keepAlive+muse-ui+cordova 全家桶，打包成APP

Stars: ✭ 175 (-2.78%)

Mutual labels: cordova

Burp Retire Js

Burp/ZAP/Maven extension that integrate Retire.js repository to find vulnerable Javascript libraries.

Stars: ✭ 157 (-12.78%)

Mutual labels: vulnerability

Cordova Plugin Document Viewer

A Document Viewer cordova/phonegap plugin for iOS, Android and Windows

Stars: ✭ 168 (-6.67%)

Mutual labels: cordova

Avpwn

List of real-world threats against endpoint protection software

Stars: ✭ 179 (-0.56%)

Mutual labels: vulnerability

Ionic Native

Native features for mobile apps built with Cordova/PhoneGap and open web technologies. Complete with TypeScript support.

Stars: ✭ 2,129 (+1082.78%)

Mutual labels: cordova

Barcodescanner Sdk Cordova

Cross platform PhoneGap/Cordova Plugin of the Scandit Barcode Scanner SDK

Stars: ✭ 172 (-4.44%)

Mutual labels: cordova

View All Similar Projects ➔

DVHMA

Damn Vulnerable Hybrid Mobile App (DVHMA) is an hybrid mobile app (for Android) that intentionally contains vulnerabilities. Its purpose is to enable security professionals to test their tools and techniques legally, help developers better understand the common pitfalls in developing hybrid mobile apps securely.

Motivation and Scope

This app is developed to study pitfalls in developing hybrid apps, e.g., using Apache Cordova or SAP Kapsel, securely. Currently, the main focus is to develop a deeper understanding of injection vulnerabilities that exploit the JavaScript to Java bridge.

Installation

Prerequisites

We assume that the

Android SDK (https://developer.android.com/sdk/index.html) and
Apache Cordova (https://cordova.apache.org/), version 8.0.0 (later versions might work)

Moreover, we assume a basic familiarity with the build system of Apache Cordova.

Building DVHMA

Setting Environment Variables

export ANDROID_HOME=<Android SDK Installation Directory>
export PATH=$ANDROID_HOME/tools:$PATH
export PATH=$ANDROID_HOME/platform-tools:$PATH

Compiling DVHMA

cd DVHMA-Featherweight
cordova plugin add ../plugins/DVHMA-Storage
cordova plugin add ../plugins/DVHMA-WebIntent 
cordova platform add android
cordova compile android

Running DVHMA in an Emulator

cordova run android

Team Members

The development of this application started as part of the project ZertApps. ZertApps was a collaborative research project funded by the German Ministry for Research and Education. It is now developed and maintained by the Software Assurance & Security Research Team at The University of Sheffield, UK.

The core developers of DVHMA are:

License

This project is under the Apache 2.0 License.

SPDX-License-Identifier: Apache-2.0

Master Repository

The master git repository for this project is hosted by the Software Assurance & Security Research Team at https://git.logicalhacking.com/DASCA/DVHMA/.

Publications

Achim D. Brucker and Michael Herzberg. On the Static Analysis of Hybrid Mobile Apps: A Report on the State of Apache Cordova Nation. In International Symposium on Engineering Secure Software and Systems (ESSoS). Lecture Notes in Computer Science (9639), pages 72-88, Springer-Verlag, 2016. https://www.brucker.ch/bibliography/abstract/brucker.ea-cordova-security-2016 doi: 10.1007/978-3-319-30806-7_5

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].

Stars: ✭ 180

Visit Git Page 🔗Visit User Page 🔗Visit Issues Page (1) 🔗