Skip to content
/ ZapCon-2022-demo Public

Code used in the demo from the "Final Frontier: Automating DYNAMIC Security Testing"

License

BSD-3-Clause license
7 stars 3 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

DefectDojo/ZapCon-2022-demo

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
tools
tools
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
data_gather_clean.yml
data_gather_clean.yml
 
 
demo.bash
demo.bash
 
 
prequistes.yml
prequistes.yml
 
 
run_tests.yml
run_tests.yml
 
 

Repository files navigation

ZapCon-2022-demo

Code used in the demo from the "Final Frontier: Automating DYNAMIC Security Testing"

Setting Up

Start DefectDojo and Juice Shop first

docker-compose -f prequistes.yml up -d

Access DefectDojo on 127.0.0.1:8888 with the credentials below

U - admin
P - DefectDojo!0

Find the API key by visiting

127.0.0.1:8888/api/key-v2

And insert it on line 16 of tools/defectdojo/defectdojo.bash

Access Juice Shop on 127.0.0.1:3000

Running

In an environment that has docker and docker compose, run the line below and watch the following happen

  1. Scan Juice Shop with SSLyze and ZAP
  2. Push those results to DefectDojo
  3. Clean up all the evidence (Remove scan containers and volumes)

./demo.bash

About

Code used in the demo from the "Final Frontier: Automating DYNAMIC Security Testing"

Resources

Readme

License

BSD-3-Clause license
Activity
Custom properties

Stars

7 stars

Watchers

5 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages