#lambhack A vulnerable serverless lambda application. This is certainly a bad idea to base any coding patterns of what you see here.
lambhack allows you to take advantage of our tried and true application security problems, namely arbitrary code execution, XSS, injection attacks aand more.
This first release only contains arbitrary code execution through the query string. Please feel free to contribute new vulnerabilities.
See RSA preso > http://www.slideshare.net/wickett/serverless-security-are-you-ready-for-the-future
MIT License
Send in PRs
I started out calling this thing serverless-audit but have renamed it lambhack. None of the code reflects this yet.