UNPKG

saksh-secure

Version:

A Node.js tool to investigate login form security and performance issues

32 lines (30 loc) 788 B
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
const defaultConfig = { targetUrl: '', usernameField: 'username', passwordField: 'password', commonUsernames: ['admin', 'user', 'test'], commonPasswords: ['password', '123456', 'admin'], sqlInjectionPayloads: [ "' OR '1'='1", "' OR ''='", "admin' --", "' UNION SELECT NULL, NULL --" ], xssPayloads: [ '<script>alert("XSS")</script>', '"><img src=x onerror=alert("XSS")>', '<svg onload=alert("XSS")>' ], weakPasswords: [ 'pass', 'password123', '12345678', 'abcdefg' ], timeout: 5000, maxAttempts: 5 }; function getConfig(userConfig) { return { ...defaultConfig, ...userConfig }; } module.exports = { getConfig };