DIVA (Damn Insecure and Vulnerable App) is an app intentionally designed to be insecure. Payatu are releasing the Android version of DIVA. They thought it would be a nice way to start the year by contributing something to the security community. The aim of the app is to teach developers, QA and security professionals the flaws that are generally present in apps due to poor or insecure coding practices.
Clone the repository with Git.

The app includes the following challenges:
- Insecure Logging
- Hardcoding Issues – Part 1
- Insecure Data Storage – Part 1
- Insecure Data Storage – Part 2
- Insecure Data Storage – Part 3
- Insecure Data Storage – Part 4
- Input Validation Issues – Part 1
- Input Validation Issues – Part 2
- Access Control Issues – Part 1
- Access Control Issues – Part 2
- Access Control Issues – Part 3
- Hardcoding Issues – Part 2
- Input Validation Issues – Part 3