##Dan wuz here
A protect by design demo application, initially based on Ben Hassine's TodoMVC, and protected by Cloud One Application Security.
The goal of this application is to demonstrate through example how to find, exploit and fix vulnerable Maven packages, while protecting its runtime with Trend Micro's Cloud One Application Security.
This repo is still incomplete and is meant solely for educational demonstrations.
(from the original README.md)
Note that to run locally, you need JDK 8.
- Check out the project source code from github :
git clone github.com/andresark/java-goof-trend.git - Open a terminal and run the following command from root directory :
mvn install - Choose a web framework to test and run it. For example :
cd todolist-web-struts && mvn tomcat7:run(note: this example currently only copied the Struts demo) - Browse the following URL :
localhost:8080/ - You can register a new account or login using the following credentials : foo@bar.org / foobar
docker-compose up --build
docker-compose downCheck the /exploits directory for some ready-to-use exploits.
This is an Open Source community project. Project contributors may be able to help, depending on their time and availability. Please be specific about what you're trying to do, your system, and steps to reproduce the problem.
For bug reports or feature requests, please open an issue. You are welcome to contribute.
Official support from Trend Micro is not available. Individual contributors may be Trend Micro employees, but are not official support.
This repo is available released under the MIT License.