# DVHMA
Damn Vulnerable Hybrid Mobile App (DVHMA) is an hybrid mobile app (for
Android) that *intentionally* contains vulnerabilities. Its purpose is
to enable security professionals to test their tools and techniques
legally, help developers better understand the common pitfalls in
developing hybrid mobile apps securely.

## Motivation and Scope
This app is developed to study pitfalls in developing hybrid apps,
e.g., using Apache Cordova or SAP Kapsel, securely. Currently, the
main focus is to develop a deeper understanding of injection
vulnerabilities that exploit the JavaScript to Java bridge.

## Team Members
This application is developed as part of the research project ZertApps
(Certified Security for Mobile Applications) by 
* Achim D. Brucker <achim.brucker@sap.com>
* Michael Herzberg <michael.herzberg@sap.com>

## License
This project is under the Apache 2.0 License.