Skip to content
/ sast-dast Public

Implement SAST+DAST checks using github actions against a vulnerable python application which allows RCE. Goal is to detect it before it gets pushed into production.

License

MIT license
3 stars 3 forks Branches Tags Activity
Star
Notifications

Anon-Exploiter/sast-dast

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

42 Commits

.github

.github

 
 

.gitignore

.gitignore

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

app.py

app.py

 
 

requirements.txt

requirements.txt

 
 

Repository files navigation

Implement SAST + DAST through Github actions

The repository is supposed to implement SAST+DAST checks using github actions against a vulnerable python application which allows RCE. Goal is to detect it before it gets pushed into production.

Roadmap

  • Python vulnerable RCE application
  • Github actions (executes on PR to main/master branch)
    • Implement SAST using bandit
    • Implement DAST using OWASP ZAP (need app deployed somewhere - k8s to the rescue!)
    • Deploy application using Kubernetes for OWASP ZAP scan
  • Post gist of found vulnerabilities in Slack
    • SAST - Use hashicorp vault to reference slack bot credentials
    • DAST - Use hashicorp vault to reference slack bot credentials

About

Implement SAST+DAST checks using github actions against a vulnerable python application which allows RCE. Goal is to detect it before it gets pushed into production.

Resources

Readme

License

MIT license
Activity

Stars

3 stars

Watchers

1 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages