Git Product home page Git Product logo

small-project's Introduction

Sign

Damn Small Vulnerable Web Python 3.x License

Damn Small Vulnerable Web (DSVW) is a deliberately vulnerable web application written in under 100 lines of code, created for educational purposes. It supports majority of (most popular) web application vulnerabilities together with appropriate attacks. Test

XSS

Quick start

Run the following command:

$ python3 dsvw.py 
Damn Small Vulnerable Web (DSVW) < 100 LoC (Lines of Code) #v0.2a
 by: Miroslav Stampar (@stamparm)

[i] running HTTP server at 'http://127.0.0.1:65412'...

and navigate your browser to http://127.0.0.1:65412/:

DSVW

Requirements

Python (3.x) is required for running this program. Items XML External Entity (local), XML External Entity (remote) and Blind XPath Injection (boolean) require installation of python-lxml (e.g. apt-get install python-lxml). Otherwise, those will be disabled.

To install lxml via pip, run the following command:

pip install -r requirements.txt

test2

small-project's People

Contributors

pedrompflopes avatar

Watchers

avatar

Forkers

andregcx cxastyoavorg yoavast tiagobcx

small-project's Issues

Command_Injection @ /dsvw.py

Command_Injection issue exists @ dsvw.py in branch main

The application's do_GET method calls an OS (shell) command with envs, at line 57 of /dsvw.py, using an untrusted string with the command to execute.  

This could allow an attacker to inject an arbitrary command, and enable a Command Injection attack.

The attacker may be able to inject the executed command via user input, get, which is retrieved by the application in the do_GET method, at line 56 of /dsvw.py.

Namespace: pedrompflopes
Repository: small-project
Repository Url: https://github.com/pedrompflopes/small-project
CxAST-Project: pedrompflopes/small-project
CxAST platform scan: c8ffe959-aafe-486d-a7e7-1ba92f6aee49
Branch: main
Application: small-project
Severity: HIGH
State: TO_VERIFY
Status: RECURRENT
CWE: 77
Lines: 56

References
Read more

CVE-2019-1010083 @ Python-Flask-0.12.2

Vulnerable Package issue exists @ Python-Flask-0.12.2 in branch main

The Pallets Project Flask before 1.0 is affected by: unexpected memory usage. The impact is: denial of service. The attack vector is: crafted encoded JSON data. The fixed version is: 1. NOTE: this may overlap CVE-2018-1000656.

Namespace: pedrompflopes
Repository: small-project
Repository Url: https://github.com/pedrompflopes/small-project
CxAST-Project: pedrompflopes/small-project
CxAST platform scan: c8ffe959-aafe-486d-a7e7-1ba92f6aee49
Branch: main
Application: small-project
Severity: HIGH
State: TO_VERIFY
Status: RECURRENT
CWE: CWE-399

Additional Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: NONE
Availability impact: HIGH
Remediation Upgrade Recommendation: 2.2.5

References
Release Note
Pull request
Commit

Code_Injection @ /dsvw.py

Code_Injection issue exists @ dsvw.py in branch main

The application's do_GET method receives and dynamically executes user-controlled code using exec, at line 57 of /dsvw.py. This could enable an attacker to inject and run arbitrary code.

The attacker can inject the executed code via user input, get, which is retrieved by the application in the do_GET method, at line 56 of /dsvw.py.

Namespace: pedrompflopes
Repository: small-project
Repository Url: https://github.com/pedrompflopes/small-project
CxAST-Project: pedrompflopes/small-project
CxAST platform scan: c8ffe959-aafe-486d-a7e7-1ba92f6aee49
Branch: main
Application: small-project
Severity: HIGH
State: TO_VERIFY
Status: RECURRENT
CWE: 94
Lines: 56

References
Read more

CVE-2019-14322 @ Python-Werkzeug-0.14.1

Vulnerable Package issue exists @ Python-Werkzeug-0.14.1 in branch main

In Pallets Werkzeug before 0.15.5, SharedDataMiddleware mishandles drive names (such as C:) in Windows pathnames.

Namespace: pedrompflopes
Repository: small-project
Repository Url: https://github.com/pedrompflopes/small-project
CxAST-Project: pedrompflopes/small-project
CxAST platform scan: c8ffe959-aafe-486d-a7e7-1ba92f6aee49
Branch: main
Application: small-project
Severity: HIGH
State: TO_VERIFY
Status: RECURRENT
CWE: CWE-22

Additional Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: HIGH
Availability impact: NONE
Remediation Upgrade Recommendation: 2.2.3

References
Advisory
Commit

CVE-2019-8341 @ Python-Jinja2-2.9.6

Vulnerable Package issue exists @ Python-Jinja2-2.9.6 in branch main

An issue was discovered in Jinja2 2.10. The from_string function is prone to Server Side Template Injection (SSTI) where it takes the "source" parameter as a template object, renders it, and then returns it. The attacker can exploit it with {{INJECTION COMMANDS}} in a URI.

Namespace: pedrompflopes
Repository: small-project
Repository Url: https://github.com/pedrompflopes/small-project
CxAST-Project: pedrompflopes/small-project
CxAST platform scan: c8ffe959-aafe-486d-a7e7-1ba92f6aee49
Branch: main
Application: small-project
Severity: HIGH
State: TO_VERIFY
Status: RECURRENT
CWE: CWE-94

Additional Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: HIGH
Availability impact: HIGH
Remediation Upgrade Recommendation: 2.11.3

References
Issue

CVE-2016-5851 @ Python-python-docx-0.8.5

Vulnerable Package issue exists @ Python-python-docx-0.8.5 in branch main

python-docx before 0.8.6 allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted document.

Namespace: pedrompflopes
Repository: small-project
Repository Url: https://github.com/pedrompflopes/small-project
CxAST-Project: pedrompflopes/small-project
CxAST platform scan: c8ffe959-aafe-486d-a7e7-1ba92f6aee49
Branch: main
Application: small-project
Severity: HIGH
State: TO_VERIFY
Status: RECURRENT
CWE: CWE-611

Additional Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: HIGH
Availability impact: HIGH
Remediation Upgrade Recommendation: 0.8.6

References
Advisory
Mail Thread
POC/Exploit
Mail Thread
Release Note
Pull request
Commit

Unpinned Package Version in Apk Add @ /Dockerfile

Unpinned Package Version in Apk Add issue exists @ Dockerfile in branch main

Package version pinning reduces the range of versions that can be installed, reducing the chances of failure due to unanticipated changes

Namespace: pedrompflopes
Repository: small-project
Repository Url: https://github.com/pedrompflopes/small-project
CxAST-Project: pedrompflopes/small-project
CxAST platform scan: c8ffe959-aafe-486d-a7e7-1ba92f6aee49
Branch: main
Application: small-project
Severity: MEDIUM
State: TO_VERIFY
Status: RECURRENT

CVE-2023-37920 @ Python-certifi-2017.4.17

Vulnerable Package issue exists @ Python-certifi-2017.4.17 in branch main

Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi 1.0.1 through 2023.5.7 recognizes "e-Tugra" root certificates. e-Tugra's root certificates were subject to an investigation prompted by reporting of security issues in their systems. Certifi 2023.07.22 removes root certificates from "e-Tugra" from the root store.

Namespace: pedrompflopes
Repository: small-project
Repository Url: https://github.com/pedrompflopes/small-project
CxAST-Project: pedrompflopes/small-project
CxAST platform scan: c8ffe959-aafe-486d-a7e7-1ba92f6aee49
Branch: main
Application: small-project
Severity: HIGH
State: TO_VERIFY
Status: RECURRENT
CWE: CWE-345

Additional Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: NONE
Availability impact: NONE
Remediation Upgrade Recommendation: 2023.7.22

References
Advisory
Commit

CVE-2020-26137 @ Python-urllib3-1.21.1

Vulnerable Package issue exists @ Python-urllib3-1.21.1 in branch main

urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of putrequest(). NOTE: this is similar to CVE-2020-26116.

Namespace: pedrompflopes
Repository: small-project
Repository Url: https://github.com/pedrompflopes/small-project
CxAST-Project: pedrompflopes/small-project
CxAST platform scan: c8ffe959-aafe-486d-a7e7-1ba92f6aee49
Branch: main
Application: small-project
Severity: MEDIUM
State: TO_VERIFY
Status: RECURRENT
CWE: CWE-74

Additional Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: LOW
Availability impact: NONE
Remediation Upgrade Recommendation: 1.26.5

References
Issue
Pull request
Commit
Advisory

CVE-2019-14806 @ Python-Werkzeug-0.14.1

Vulnerable Package issue exists @ Python-Werkzeug-0.14.1 in branch main

Pallets Werkzeug before 0.15.3, when used with Docker, has insufficient debugger PIN randomness because Docker containers share the same machine id.

Namespace: pedrompflopes
Repository: small-project
Repository Url: https://github.com/pedrompflopes/small-project
CxAST-Project: pedrompflopes/small-project
CxAST platform scan: c8ffe959-aafe-486d-a7e7-1ba92f6aee49
Branch: main
Application: small-project
Severity: HIGH
State: TO_VERIFY
Status: RECURRENT
CWE: CWE-331

Additional Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: HIGH
Availability impact: NONE
Remediation Upgrade Recommendation: 2.2.3

References
Release Note
Commit

CVE-2023-28370 @ Python-tornado-4.5.1

Vulnerable Package issue exists @ Python-tornado-4.5.1 in branch main

Open Redirect vulnerability in tornado versions prior to 6.3.2, allows an unauthenticated remote attacker to redirect a user to an arbitrary website and conduct a phishing attack by having the user access a specially crafted URL.

Namespace: pedrompflopes
Repository: small-project
Repository Url: https://github.com/pedrompflopes/small-project
CxAST-Project: pedrompflopes/small-project
CxAST platform scan: c8ffe959-aafe-486d-a7e7-1ba92f6aee49
Branch: main
Application: small-project
Severity: MEDIUM
State: TO_VERIFY
Status: RECURRENT
CWE: CWE-601

Additional Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: LOW
Availability impact: NONE
Remediation Upgrade Recommendation: 6.3.2

References
Advisory
Pull request
Commit
Release Note

CVE-2017-18342 @ Python-PyYAML-3.12

Vulnerable Package issue exists @ Python-PyYAML-3.12 in branch main

In PyYAML before 5.1b1, the yaml.load() API could execute arbitrary code if used with untrusted data. The load() function was deprecated and the 'UnsafeLoader' was introduced for backward compatibility with the function.
NOTE: There was an initial fix which was later reverted. The actual fix occurred in the commit "857dff15".

Namespace: pedrompflopes
Repository: small-project
Repository Url: https://github.com/pedrompflopes/small-project
CxAST-Project: pedrompflopes/small-project
CxAST platform scan: c8ffe959-aafe-486d-a7e7-1ba92f6aee49
Branch: main
Application: small-project
Severity: HIGH
State: TO_VERIFY
Status: RECURRENT
CWE: CWE-20

Additional Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: HIGH
Availability impact: HIGH
Remediation Upgrade Recommendation: 5.4

References
Commit
Issue
Pull request
Advisory

Missing_HSTS_Header @ /dsvw.py

Missing_HSTS_Header issue exists @ dsvw.py in branch main

The web-application does not define an HSTS header, leaving it vulnerable to attack.

Namespace: pedrompflopes
Repository: small-project
Repository Url: https://github.com/pedrompflopes/small-project
CxAST-Project: pedrompflopes/small-project
CxAST platform scan: c8ffe959-aafe-486d-a7e7-1ba92f6aee49
Branch: main
Application: small-project
Severity: MEDIUM
State: TO_VERIFY
Status: RECURRENT
CWE: 346
Lines: 76

References
Read more

CVE-2019-10906 @ Python-Jinja2-2.9.6

Vulnerable Package issue exists @ Python-Jinja2-2.9.6 in branch main

In Pallets Jinja before 2.10.1, str.format_map allows a sandbox escape.

Namespace: pedrompflopes
Repository: small-project
Repository Url: https://github.com/pedrompflopes/small-project
CxAST-Project: pedrompflopes/small-project
CxAST platform scan: c8ffe959-aafe-486d-a7e7-1ba92f6aee49
Branch: main
Application: small-project
Severity: HIGH
State: TO_VERIFY
Status: RECURRENT
CWE: CWE-138

Additional Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: HIGH
Availability impact: NONE
Remediation Upgrade Recommendation: 2.11.3

References
Commit
Advisory
Release Note
Issue

CVE-2023-30861 @ Python-Flask-0.12.2

Vulnerable Package issue exists @ Python-Flask-0.12.2 in branch main

Flask is a lightweight WSGI web application framework. When all of the following conditions are met, a response containing data intended for one client may be cached and subsequently sent by the proxy to other clients. If the proxy also caches Set-Cookie headers, it may send one client's session cookie to other clients. The severity depends on the application's use of the session and the proxy's behavior regarding cookies. The risk depends on all these conditions being met. The application must be hosted behind a caching proxy that does not strip cookies or ignore responses with cookies. The application sets session.permanent = True. The application does not access or modify the session at any point during a request. SESSION_REFRESH_EACH_REQUEST enabled (the default). The application does not set a Cache-Control header to indicate that a page is private or should not be cached. This happens because vulnerable versions of Flask only set the Vary: Cookie header when the session is accessed or modified, not when it is refreshed (re-sent to update the expiration) without being accessed or modified. This issue affects flask versions prior to 2.2.5, and 2.3.x prior to 2.3.2.

Namespace: pedrompflopes
Repository: small-project
Repository Url: https://github.com/pedrompflopes/small-project
CxAST-Project: pedrompflopes/small-project
CxAST platform scan: c8ffe959-aafe-486d-a7e7-1ba92f6aee49
Branch: main
Application: small-project
Severity: HIGH
State: TO_VERIFY
Status: RECURRENT
CWE: CWE-539

Additional Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: HIGH
Availability impact: NONE
Remediation Upgrade Recommendation: 2.2.5

References
Advisory
Release Note
Commit

CVE-2020-1747 @ Python-PyYAML-3.12

Vulnerable Package issue exists @ Python-PyYAML-3.12 in branch main

A vulnerability was discovered in the PyYAML library in versions before 5.3.1, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the "full_load" method or with the "FullLoader" loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. An attacker could use this flaw to execute arbitrary code on the system by abusing the python/object/new constructor.

Namespace: pedrompflopes
Repository: small-project
Repository Url: https://github.com/pedrompflopes/small-project
CxAST-Project: pedrompflopes/small-project
CxAST platform scan: c8ffe959-aafe-486d-a7e7-1ba92f6aee49
Branch: main
Application: small-project
Severity: HIGH
State: TO_VERIFY
Status: RECURRENT
CWE: CWE-20

Additional Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: HIGH
Availability impact: HIGH
Remediation Upgrade Recommendation: 5.4

References
Issue
Pull request
Commit
Advisory

Stored_XSS @ /dsvw.py

Stored_XSS issue exists @ dsvw.py in branch main

The method do_GET embeds untrusted data in generated output with write, at line 80 of /dsvw.py. This untrusted data is embedded into the output without proper sanitization or encoding, enabling an attacker to inject malicious code into the generated web-page.

The attacker would be able to alter the returned web page by saving malicious data in a data-store ahead of time. The attacker's modified data is then read from the database by the do_GET method with connection, at line 26 of /dsvw.py. This untrusted data then flows through the code straight to the output web page, without sanitization. 

This can enable a Stored Cross-Site Scripting (XSS) attack.

Namespace: pedrompflopes
Repository: small-project
Repository Url: https://github.com/pedrompflopes/small-project
CxAST-Project: pedrompflopes/small-project
CxAST platform scan: c8ffe959-aafe-486d-a7e7-1ba92f6aee49
Branch: main
Application: small-project
Severity: HIGH
State: TO_VERIFY
Status: RECURRENT
CWE: 79
Lines: 26 35 37

References
Read more

CVE-2020-28493 @ Python-Jinja2-2.9.6

Vulnerable Package issue exists @ Python-Jinja2-2.9.6 in branch main

This affects the package jinja2 from 0.0.0 and before 2.11.3. The ReDOS vulnerability of the regex is mainly due to the sub-pattern [a-zA-Z0-9.-]+.[a-zA-Z0-9.-]+ This issue can be mitigated by Markdown to format user content instead of the urlize filter, or by implementing request timeouts and limiting process memory.

Namespace: pedrompflopes
Repository: small-project
Repository Url: https://github.com/pedrompflopes/small-project
CxAST-Project: pedrompflopes/small-project
CxAST platform scan: c8ffe959-aafe-486d-a7e7-1ba92f6aee49
Branch: main
Application: small-project
Severity: MEDIUM
State: TO_VERIFY
Status: RECURRENT
CWE: CWE-400

Additional Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: NONE
Availability impact: LOW
Remediation Upgrade Recommendation: 2.11.3

References
Pull request
Commit
Advisory

CVE-2014-9130 @ Python-PyYAML-3.12

Vulnerable Package issue exists @ Python-PyYAML-3.12 in branch main

scanner.c in LibYAML through 0.1.6, as used in the YAML-LibYAML (aka YAML-XS) module for Perl, allows context-dependent attackers to cause a denial of service (assertion failure and crash) via vectors involving line-wrapping.

Namespace: pedrompflopes
Repository: small-project
Repository Url: https://github.com/pedrompflopes/small-project
CxAST-Project: pedrompflopes/small-project
CxAST platform scan: c8ffe959-aafe-486d-a7e7-1ba92f6aee49
Branch: main
Application: small-project
Severity: MEDIUM
State: TO_VERIFY
Status: RECURRENT
CWE: CWE-20

Additional Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: NONE
Availability impact: PARTIAL
Remediation Upgrade Recommendation: 5.4

References
Commit
Advisory
Issue
Mail Thread

CVE-2022-29217 @ Python-PyJWT-1.5.2

Vulnerable Package issue exists @ Python-PyJWT-1.5.2 in branch main

PyJWT is a Python implementation of RFC 7519. PyJWT supports multiple different JWT signing algorithms. With JWT, an attacker submitting the JWT token can choose the used signing algorithm. The PyJWT library requires that the application chooses what algorithms are supported. The application can specify jwt.algorithms.get_default_algorithms() to get support for all algorithms, or specify a single algorithm. The issue is not that big as algorithms=jwt.algorithms.get_default_algorithms() has to be used. Users should upgrade to v2.4.0 to receive a patch for this issue. As a workaround, always be explicit with the algorithms that are accepted and expected when decoding. This issue affects versions 1.5.0 through 2.3.0.

Namespace: pedrompflopes
Repository: small-project
Repository Url: https://github.com/pedrompflopes/small-project
CxAST-Project: pedrompflopes/small-project
CxAST platform scan: c8ffe959-aafe-486d-a7e7-1ba92f6aee49
Branch: main
Application: small-project
Severity: HIGH
State: TO_VERIFY
Status: RECURRENT
CWE: CWE-327

Additional Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: NONE
Availability impact: NONE
Remediation Upgrade Recommendation: 2.4.0

References
Advisory
Commit
Release Note

CVE-2023-32681 @ Python-requests-2.18.1

Vulnerable Package issue exists @ Python-requests-2.18.1 in branch main

Requests is a HTTP library. Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. This is a product of how we use rebuild_proxies to reattach the Proxy-Authorization header to requests. For HTTP connections sent through the tunnel, the proxy will identify the header in the request itself and remove it prior to forwarding to the destination server. However when sent over HTTPS, the Proxy-Authorization header must be sent in the CONNECT request as the proxy has no visibility into the tunneled request. This results in Requests forwarding proxy credentials to the destination server unintentionally, allowing a malicious actor to potentially exfiltrate sensitive information. This issue affects versions 2.3.0 through 2.30.0.

Namespace: pedrompflopes
Repository: small-project
Repository Url: https://github.com/pedrompflopes/small-project
CxAST-Project: pedrompflopes/small-project
CxAST platform scan: c8ffe959-aafe-486d-a7e7-1ba92f6aee49
Branch: main
Application: small-project
Severity: MEDIUM
State: TO_VERIFY
Status: RECURRENT
CWE: CWE-200

Additional Info
Attack vector: NETWORK
Attack complexity: HIGH
Confidentiality impact: HIGH
Availability impact: NONE
Remediation Upgrade Recommendation: 2.31.0

References
Advisory
Release Note
Commit

CVE-2021-33503 @ Python-urllib3-1.21.1

Vulnerable Package issue exists @ Python-urllib3-1.21.1 in branch main

An issue was discovered in urllib3 before 1.26.5. When provided with a URL containing many @ characters in the authority component, the authority regular expression exhibits catastrophic backtracking, causing a denial of service if a URL were passed as a parameter or redirected to via an HTTP redirect.

Namespace: pedrompflopes
Repository: small-project
Repository Url: https://github.com/pedrompflopes/small-project
CxAST-Project: pedrompflopes/small-project
CxAST platform scan: c8ffe959-aafe-486d-a7e7-1ba92f6aee49
Branch: main
Application: small-project
Severity: HIGH
State: TO_VERIFY
Status: RECURRENT
CWE: CWE-400

Additional Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: NONE
Availability impact: HIGH
Remediation Upgrade Recommendation: 1.26.5

References
Advisory
Commit
Issue

CVE-2023-25577 @ Python-Werkzeug-0.14.1

Vulnerable Package issue exists @ Python-Werkzeug-0.14.1 in branch main

Werkzeug is a comprehensive WSGI web application library. Prior to version 2.2.3, Werkzeug's multipart form data parser will parse an unlimited number of parts, including file parts. Parts can be a small amount of bytes, but each requires CPU time to parse and may use more memory as Python data. If a request can be made to an endpoint that accesses request.data, request.form, request.files, or request.get_data(parse_form_data=False), it can cause unexpectedly high resource usage. This allows an attacker to cause a denial of service by sending crafted multipart data to an endpoint that will parse it. The amount of CPU time required can block worker processes from handling legitimate requests. The amount of RAM required can trigger an out of memory kill of the process. Unlimited file parts can use up memory and file handles. If many concurrent requests are sent continuously, this can exhaust or kill all available workers.

Namespace: pedrompflopes
Repository: small-project
Repository Url: https://github.com/pedrompflopes/small-project
CxAST-Project: pedrompflopes/small-project
CxAST platform scan: c8ffe959-aafe-486d-a7e7-1ba92f6aee49
Branch: main
Application: small-project
Severity: HIGH
State: TO_VERIFY
Status: RECURRENT
CWE: CWE-770

Additional Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: NONE
Availability impact: HIGH
Remediation Upgrade Recommendation: 2.2.3

References
Advisory
Commit
Release Note

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.