ameserole / akeso Goto Github PK
View Code? Open in Web Editor NEWA Platform for Testing Secure Coding/Config
License: MIT License
A Platform for Testing Secure Coding/Config
License: MIT License
When a user cancels a test in the middle of the backend checks the queue gets messed up.
Bit ironic that this project doesn't have any CI testing at the moment
For some reason Gitlab is only executing one job at a time which can cause issues. I am sure it is a setting that I am missing somewhere.
There are more efficient and cleaner ways to handle logging
AkesoCLI.py Does not start an existing RabbitMQ Container if the container already exists but is in a stopped state.
https://github.com/ameserole/Akeso/blob/master/AkesoCLI.py#L18-L24
Currently only allows for one Service and Exploit check at a time.
Currently you have to manually edit the challenge mapper here https://github.com/ameserole/Akeso/blob/master/defense/DefenseLab/AttackWorkers.py#L12-L17 to add challenges.
A more user friendly way of adding challenges should be implemented.
@ameserole
Have a couple of questions using Akeso - Secure Coding/Config framework:
I spinned off gitlab instance and git-runner with docker executer on two different server instances per the doc and it is working and tested.
While creating a challenge (say for e.g. Java SpringBoot web app) as part of the .gitlab-ci.yml script job stages that I added it runs build, test gradle tasks to make sure the code compiles and tests passes, when those jobs are completed it runs build_image job.
The build_image job builds docker image and runs the app inside the gitlab-runner's docker.
I'm running docker:stable inside git-lab runner as shown in the job below
build_image: stage: build_image image: docker:stable services: - docker:dind variables: DOCKER_HOST: tcp://docker:2375/ DOCKER_DRIVER: overlay2 before_script: - apk add --no-cache py-pip - pip install docker-compose - docker info script: - docker build -t xyz/java-webapp:latest . - docker run -p 8080:8080 xyz/java-webapp:latest
The plan is to run deploy job after the above to kick off the tests/entry.sh script where it calls tests/queue.py to run the backend service.
deploy: stage: deploy script: - ". tests/entry.sh"
Framework questions:
Repo questions:
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.