DefectDojo
DefectDojo is a security orchestration andvulnerability management platform.DefectDojo allows you to manage your application security program, maintainproduct and application information, triage vulnerabilities andpush findings to systems like JIRA and Slack. DefectDojo enriches andrefines vulnerability data using a number of heuristic algrothims thatimprove with the more you use the platform.
Demo
Try out the demo sever at demo.defectdojo.org
Log in with admin / defectdojo@demo#appsec. Please note that the demo is pubicly accessable and regularly reset. Do not put sensitive data in the demo.
Quick Start
git clone https://github.com/DefectDojo/django-DefectDojo
cd django-DefectDojo
# building
docker-compose build
# running
docker-compose up
# obtain admin credentials. the initializer can take up to 3 minutes to run
# use docker-compose logs -f initializer to track progress
docker-compose logs initializer | grep "Admin password:"
Navigate to http://localhost:8080.
Documentation
Getting Started
REST APIs
Client APIs and Wrappers
Release and Branch Model
Contributing
Roadmap
Wishlist
Supported Installation Options
Community, Getting Involved, and Updates
Join the slack community and discussion! Realtime discussion is done in the OWASP Slack Channel, #defectdojo.Follow DefectDojo on Twitter, Linkedin, and YouTube for project updates!
Commercial Support and Training
Commercial support and training is availaible through 10Security.
10Security was founded by the creators of DefectDojo.For information please email info@10security.com or visit our site.
About Us
DefectDojo is maintained by:
Project Moderators
Project Moderators can help you with pull requests or feedback on dev ideas.
- Alex Dracea
- Valentijn Scholten (sponsor | linkedin)
- Jannik Jürgens
- Fred Blaise
- Cody Maffucci
- Pascal Trovatelli / Sopra Steria
- Damien Carol
- Stefan Fleckenstein
Hall of Fame
- Charles Neill (@ccneill) – Charles served as aDefectDojo Maintainer for years and wrote some of Dojo's core functionality.
- Jay Paz (@jjpaz) – Jay was a DefectDojomaintainer for years. He performed Dojo's first UI overhaul, optimized code structure/features, and added numerous enhancements.
Sponsors
License
DefectDojo is licensed under the BSD Simplified license
-
PyCharm的一个特性是它包含对Django的支持。 能够在PyCharm中包含JavaScript功能,它可以被认为是Django的最佳IDE。 在PyCharm IDE中创建Django项目的基本步骤如下 - 如果启用了EnableDjangoadmin选项,PyCharm将为您设置管理站点。 模板调试 调试适用于Django和Jinja模板。 我们可以检查变量,逐步执行代码,并在调试器中执
-
Django 是一个高级 Python Web 框架,鼓励快速开发和简洁实用的设计。Django 使你可以更轻松地以更少的代码更快地构建更好的 Web 应用程序。 Django 框架的核心组件有: 用于创建模型的对象关系映射 为最终用户设计的完美管理界面 一流的 URL 设计 设计者友好的模板语言 缓存系统 示例代码: from django.template import Context, lo
-
问题内容: 我想知道是否有人将Django REST框架与django-polymorphic相结合的Pythonic解决方案。 鉴于: 如果我想要django-rest- framework中所有GalleryItem的列表,它只会给我GalleryItem(父模型)的字段,因此是:id,gallery_item_field和polymorphic_ctype。那不是我想要的 我想要custom
-
我用ImageField创建了一个简单的模型,我想用django-rest-framework+django-rest-swagger创建一个api视图,它是文档化的,并且能够上传文件。 以下是我得到的: 我阅读了django-rest-framework中的这部分文档: 我正在使用、和。
-
问题内容: 问题在于在django中接收到POST请求。我确实喜欢这样。 但是我得到ukeys的值为。当我检查时,我得到的值是 因此,如何在Django中将这些值作为列表获取? 谢谢! 问题答案: 后缀为jQueryPOST的数组,因为PHP和某些Web框架了解该约定,并自动为您在服务器端重新构建数组。Django不能那样工作,但是您应该能够通过以下方式访问数据:
-
Django带有聚合feed生成框架。有了它,你可以创建RSS或Atom只需继承django.contrib.syndication.views.Feed类。 让我们创建一个订阅源的应用程序。 在feed类, title, link 和 description 属性对应标准RSS 的<title>, <link> 和 <description>元素。 条目方法返回应该进入feed的item的元素。