Skip to content
/ ZapCon-2022-demo Public

Code used in the demo from the "Final Frontier: Automating DYNAMIC Security Testing"

License

BSD-3-Clause license
7 stars 3 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

DefectDojo/ZapCon-2022-demo

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits

tools

tools

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

data_gather_clean.yml

data_gather_clean.yml

 
 

demo.bash

demo.bash

 
 

prequistes.yml

prequistes.yml

 
 

run_tests.yml

run_tests.yml

 
 

Repository files navigation

ZapCon-2022-demo

Code used in the demo from the "Final Frontier: Automating DYNAMIC Security Testing"

Setting Up

Start DefectDojo and Juice Shop first

docker-compose -f prequistes.yml up -d

Access DefectDojo on 127.0.0.1:8888 with the credentials below

U - admin
P - DefectDojo!0

Find the API key by visiting

127.0.0.1:8888/api/key-v2

And insert it on line 16 of tools/defectdojo/defectdojo.bash

Access Juice Shop on 127.0.0.1:3000

Running

In an environment that has docker and docker compose, run the line below and watch the following happen

  1. Scan Juice Shop with SSLyze and ZAP
  2. Push those results to DefectDojo
  3. Clean up all the evidence (Remove scan containers and volumes)

./demo.bash

About

Code used in the demo from the "Final Frontier: Automating DYNAMIC Security Testing"

Resources

Readme

License

BSD-3-Clause license
Activity
Custom properties

Stars

7 stars

Watchers

5 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages