GSoC'19 Final Report | OWASP Foundation
3 minute read
---- GSoC'19 Final Report | OWASP Foundation ( Project- DefectDojo) ----
DefectDojo is a security tool that automates application security vulnerability management. DefectDojo streamlines the application security testing process by offering features such as importing third-party security findings, merging and deduping, integration with Jira, templating, report generation and security metrics. This project target to implementing Scan2.0 And Writing Unittests for tools to ensure that they are working correctly.
- ORGANIZATION | CATEGORY
- OWASP Foundation | defect dojo
- MENTORS
- Aaron Weaver
- STUDENT DETAILS
- Saurabh kumar
- saurabh.dakshana17@gmail.com
Implemented Scans Parsers
- Add Kiuwan scan Importer ………………………………………………………………[ #1118 ] - merged
- Scan parser is done.
- Unittest is done.
- Add Openscap scan Importer …………………………………………………………[ #1193 ] - merged
- Scan parser is done.
- Unittest is done.
- Add Wapiti scan Importer ………………………………………………………………[ #1206 ] - merged
- Scan parser is done.
- Unittest is done.
- Add Cobalt.io scan Importer ………………………………………………………[ #1215 ] - merged
- Scan parser is done.
- Unittest is done.
- Add Mozilla Observatory scan importer ……………………………[ #1226 ] - merged
- Scan parser is done.
- Unittest is done.
- Add Whitesource Importer ………………………………………………………………[ #1243 ] - merged
- Scan parser is done.
- Unittest is done.
- Add Microfocus Webinspect Importer ……………………………………[ #1268 ] - merged
- Scan parser is done.
- Unittest is done.
- Add Wpscan Importer ……………………………………………………………………………[ #1345 ] - merged
- Scan parser is done.
- Unittest is done.
- Add Sslscan Importer …………………………………………………………………………[ #1351 ] - merged
- Scan parser is done.
- Unitest is done.
- Add Sslyze Scan Importer ………………………………………………………………[ #1376 ] - merged
- Scan parser is done.
- Unittest is done.
- Add Testssl Scan Importer ……………………………………………………………[ #1397 ] - merged
- Scan parser is done.
- Unittest is done.
Fixed issues
- Fix Kiuwan CWE issue …………………………………………………………………………[ #1175 ] - merged
- Fix Repo field …………………………………………………………………………………………[ #1177 ] - merged
- Add cve option in findings …………………………………………………………[ #1106 ] - merged
- fix product grading ……………………………………………………………………………[ #1082 ] - merged
- fix static and dynamic type finding …………………………………[ #1050 ] - merged
- Fix markdown_render function ……………………………………………………[ #1049 ] - merged
- Fix #1257 and Unicode error in Contrast importer [ #1260 ] - merged
- fix ssllabs scanner issue if suites not provided [ #1367 ] - merged
- fix status column to show under review option ………[ #1373 ] - merged
- Veracode fix static and dynamic issue ……………………………[ #1377 ] - merged
- Include tags in reports …………………………………………………………………[ #1400 ] - merged
- Fix user edit form to remove products ……………………………[ #1420 ] - merged
- Add current commit hash in footer ………………………………………[ #1440 ] - merged
- Fix Dependency parser ………………………………………………………………………[ #1455 ] - merged
- Fix clair klar importer …………………………………………………………………[ #1459 ] - merged
- Immuniweb fix ValueError…………………………………………………………………[ #1477 ] - merged
- Add cve to Crashtest + dawnscanner findings ……………[ #1480 ] - merged
- fix release mode git commit showing issue …………………[ #1483 ] - merged
- fix menu overlapping …………………………………………………………………………[ #1493 ] - merged
Implemented Unittests
- Add product type Unittests …………………………………………………………[ #1153 ] - merged
- Add Engagement Unittests ………………………………………………………………[ #1170 ] - merged
- Add Environment Unittests ……………………………………………………………[ #1181 ] - merged
Todos
- Add new image and select from existing images inside the finding editor - [ #1354 ]
- Fix permission handling of users.
I feedback.
Let me know what you think of this article on twitter @_dr3dd_ or leave a comment below!
Let me know what you think of this article on twitter @_dr3dd_ or leave a comment below!
comments powered by Disqus