AI Startup
Scrappy AI SaaS with exposed prompt config, debug env data, and a leaky support search.
/site/ai-startup/
CWE-200CWE-306
SlopEmu Scenario Hub
Each route below renders a small app-like page that leaks or mishandles something on load, plus supporting endpoints and weak validation paths for scanner calibration.
Indie SaaS
Solo-founder SaaS that exposes account data, billing config, client-trusted subscription upgrades, and a dashboard without auth.
/site/indie-saas/
CWE-639CWE-602CWE-200
Hosting Panel Bypass
Hosting control panel that simulates a 2026-style session-loading authentication bypass on internet-exposed admin paths.
/site/hosting-panel-bypass/
CWE-288CWE-306
Enterprise Legacy
Old internal stack with forgotten APIs, direct SQL dumps, and reports behind weak assumptions.
/site/enterprise-legacy/
CWE-538CWE-200
Supabase Clone
Project dashboard that loads profiles and storage metadata with an exposed anon config.
/site/supabase-clone/
CWE-862CWE-200
Naked Postgres
Database console that simulates a publicly reachable Postgres service with weak network and auth settings.
/site/naked-postgres/
CWE-284CWE-319CWE-200
Next.js App
A modern frontend that advertises hidden flags and exposes build artifacts.
/site/nextjs-app/
CWE-200CWE-540
GraphQL API
GraphQL endpoint with enabled introspection and sensitive fields accessible to anonymous callers.
/site/graphql-api/
CWE-200CWE-862
Fintech App
Wallet UI that preloads another customer account and accepts weak amount validation.
/site/fintech-app/
CWE-639CWE-20
Ecommerce Advanced
Checkout flow that trusts client totals, weak email validation, and exposed order lookups.
/site/ecommerce-advanced/
CWE-602CWE-639
DevOps Leak
Operations panel with deploy workflow files, verbose logs, and a downloadable backup archive.
/site/devops-leak/
CWE-538CWE-200
Poisoned CI Action
Release pipeline that simulates compromised automation credentials, retagged actions, and leaked workflow secrets.
/site/poisoned-ci-action/
CWE-522CWE-829
Staging Env
Staging UI that automatically loads internal users and skips normal gatekeeping.
/site/staging-env/
CWE-306CWE-200
CORS Misconfig
API playground that highlights a permissive credentialed CORS policy.
/site/cors-misconfig/
CWE-942CWE-306
Mobile Backend
Backend docs that encourage trusting mobile headers and exposing versioned admin APIs.
/site/mobile-backend/
CWE-290CWE-798
Multi Tenant SaaS
Tenant switcher that happily loads users from another org when the ID changes.
/site/multi-tenant-saas/
CWE-284CWE-639
CMS Platform
Simple editorial dashboard that stores unsafe HTML and reflects form preview content back into raw HTML.
/site/cms-platform/
CWE-79CWE-602
Auth System
Login panel with weak email validation, reusable tokens, and a leaked signing secret.
/site/auth-system/
CWE-287CWE-798
Internal Tools
No-login operations console with internal APIs and support shortcuts rendered on load.
/site/internal-tools/
CWE-306CWE-200
Analytics Dashboard
Open metrics board that fetches revenue and customer health data on first paint.
/site/analytics-dashboard/
CWE-200CWE-306
File Upload Service
Upload widget that accepts arbitrary names, weak content checks, and traversal-style reads.
/site/file-upload/
CWE-434CWE-22
Chat App
Shared chat room that stores raw HTML and leaks other room traffic into the default view.
/site/chat-app/
CWE-79CWE-200
Config Leak
Settings page that loads environment, feature flags, and internal hostnames into the browser.
/site/config-leak/
CWE-200CWE-489
Git Exposed
Minimal site whose public surface includes live repository metadata files.
/site/git-exposed/
CWE-200CWE-538
Feature Flag App
Frontend boot script enables admin and bypass flows before the server checks anything.
/site/feature-flags/
CWE-602CWE-306
Hybrid Modern App
Calibration target with intentionally mixed results so scanners can measure precision as well as recall.
/site/hybrid-modern/
CWE-200CWE-602
Agent Tool Abuse
Chat agent concatenates user input into the system prompt and exposes shell, fetch, and fs tools that anyone can drive.
/site/agent-tool-abuse/
CWE-77CWE-94
RAG Poisoning
Knowledge base accepts public uploads and treats poisoned chunks as authoritative answers.
/site/rag-poisoning/
CWE-77CWE-200
Open MCP Server
Internet-reachable MCP server with no auth that exposes shell.exec, db.query, and secrets.read.
/site/mcp-open/
CWE-306CWE-200
Vector DB Leak
Frontend ships a Pinecone key and the search endpoint accepts a wildcard namespace across tenants.
/site/vector-db-leak/
CWE-798CWE-200
OAuth Redirect
OAuth authorize endpoint trusts arbitrary redirect_uri values and never verifies state or PKCE.
/site/oauth-redirect/
CWE-601CWE-1275
Password Reset Flaws
Reset flow leaks account existence, ships tokens in URLs, and accepts predictable 6-digit values.
/site/password-reset-flaws/
CWE-640CWE-204
JWT Alg Confusion
Verifier accepts alg=none and dereferences attacker-controlled kid paths.
/site/jwt-alg-confusion/
CWE-347CWE-327
Magic Link & OTP
Passwordless flow with no rate limit, 6-digit OTP, and reusable long-TTL magic links.
/site/magic-link-otp/
CWE-307CWE-294
SSRF Image Proxy
Avatar resizer fetches arbitrary URLs including cloud metadata, internal services, and file://.
/site/ssrf-image-proxy/
CWE-918
Raw SQL Injection
User search builds SQL by string concatenation and reflects errors back to the client.
/site/sqli-raw/
CWE-89
NoSQL Operator Injection
Login passes JSON sub-objects into Mongo so $ne/$gt operators bypass authentication.
/site/nosql-injection/
CWE-943
Server-Side Template Injection
Newsletter previewer evaluates user-supplied templates with access to env globals.
/site/ssti/
CWE-94CWE-1336
Mass Assignment
Profile PATCH spreads request body into the user record and lets clients write is_admin.
/site/mass-assignment/
CWE-915
Open Redirect
Login callback honors any next URL, including protocol-relative and javascript: payloads.
/site/open-redirect/
CWE-601
XXE in SVG
SVG parser resolves external entities and embeds their contents into the rendered output.
/site/xxe-svg/
CWE-611
Zip Slip
Archive importer writes entries using their raw filenames, escaping the upload directory.
/site/zip-slip/
CWE-22CWE-434
Webhook Unverified
Stripe and GitHub webhook handlers skip signature checks or use weak ==.
/site/webhook-unverified/
CWE-345CWE-347
Stripe Paid-Param Trust
Checkout success page upgrades plans based on URL query params instead of verifying with Stripe.
/site/stripe-paid-trust/
CWE-602
Swagger UI Exposed
Swagger UI is reachable with a pre-filled bearer token and lists every admin endpoint.
/site/swagger-exposed/
CWE-200CWE-306
Sentry / Telemetry Keys
Frontend bundle exposes Sentry DSN, PostHog write key, and Datadog client token.
/site/sentry-dsn-leak/
CWE-200CWE-798
Prototype Pollution
Deep-merge endpoint walks __proto__ keys, polluting global config and feature flags.
/site/prototype-pollution/
CWE-1321
postMessage No Origin
Parent page accepts postMessage events from any origin and runs privileged actions.
/site/postmessage-no-origin/
CWE-346CWE-940
Missing CSP / Headers
Responses ship without CSP, X-Frame-Options, or HSTS, enabling framing and inline scripts.
/site/csp-missing/
CWE-1021CWE-693
CSRF Missing
Email change form has no CSRF token and the session cookie is set with SameSite=None.
/site/csrf-missing/
CWE-352
Public S3 Bucket
User-content bucket grants ListBucket and PutObject to wildcard principal.
/site/s3-public-bucket/
CWE-732CWE-200
Subdomain Takeover
Marketing subdomain CNAMEs to a deleted Heroku app and is claimable by anyone.
/site/subdomain-takeover/
CWE-284CWE-1395
Open Redis
Redis bound to 0.0.0.0:6379 with no requirepass, leaking sessions and live commands.
/site/redis-open/
CWE-306CWE-319
Open MongoDB
MongoDB bound publicly with --noauth, exposing tenant DBs and password hashes.
/site/mongo-open/
CWE-306CWE-200
ref0 (Clean Reference)
Clean reference site with auth required, validated input, secure cookies, and full security headers. Any finding here is a false positive.
/site/ref0/