Go
Mono Repo
Section titled “Mono Repo”CrAPI: completely ridiculous API
Section titled “CrAPI: completely ridiculous API”- Description: crAPI is vulnerable by design, but you’ll be able to safely run it to educate/train yourself.
- Source Code: crAPI Example Repository
- Credentials: Note: you will need to go and create your own user with the registration URL http://localhost:8888/signup; this is not automatically created. Here is an example of what user/pass will work:
- Username:
admin@mail.com - Password:
adminA1!
- Username:
git clone https://github.com/OWASP/crAPIcd crAPI
# Start the applicationdocker-compose pulldocker-compose -f docker-compose.yml --compatibility up -d; sleep 10
# Record authentication - click on Form Auth# Note: you will need to go and create your own user with the registration url http://localhost:8888/signup, this is not automatically created# - Username: `admin@mail.com`# - Password: `adminA1!`
URL=http://localhost:8888
nightvision target create $TARGET $URL --type apinightvision swagger extract . -t $TARGET -l all
# Note: you will need to go and create your own user with the registration url# fill in the following to here then login http://localhost:8888/signup
# Example credentials:# name: admin# phon: 1234567# user: admin2@mail.com# pass: adminA1!nightvision auth playwright create $TARGET $URL
nightvision scan $TARGET --auth $AUTH