Python HTML Shell CSS JavaScript XSLT Other
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
ansible Ensured PEP8 compliancy of adapted settings files Apr 17, 2018
components Removed symlink-creating postinstall script, according to issue #545 Apr 17, 2018
docker Consolidated common variables and functions; Made the entire script m… Mar 23, 2018
dojo Update __init__.py Apr 19, 2018
entrypoint_scripts Bump version of used ChromeDriver and used selenium version Apr 17, 2018
tests Bump version of used ChromeDriver and used selenium version Apr 17, 2018
.gitignore Removed symlink-creating postinstall script, according to issue #545 Apr 17, 2018
.travis.yml Merge pull request #486 from maennel/refactor/dockerfile Mar 27, 2018
CONTRIBUTING.md Adapted contribution guide and gitignore Feb 26, 2018
DefectDojoMaintainers.md Create DefectDojoMaintainers.md Mar 23, 2017
Dockerfile Allow setting db envs from docker build as args Apr 10, 2018
ISSUE_TEMPLATE.md Update ISSUE_TEMPLATE.md Nov 7, 2017
LICENSE.md Update LICENSE.md Mar 21, 2017
PULL_REQUEST_TEMPLATE.md Update PULL_REQUEST_TEMPLATE.md Apr 13, 2018
README.md Update README.md Apr 13, 2018
Vagrantfile Renaming and rebranding to DefectDojo. This commit updates every refe… Mar 24, 2015
app.json Adding addtional API methods. Feb 2, 2018
manage.py Corrected references to former settings file Feb 27, 2018
requirements.txt Product Grading Apr 2, 2018
setup.bash Consolidated common variables and functions; Made the entire script m… Mar 23, 2018
setup.py Update setup.py Apr 19, 2018
wsgi.py wsgi.py error edit Mar 8, 2018
wsgi_params Fixes #312 and #139 Jul 9, 2017

README.md

Description

Screenshot of DefectDojo

DefectDojo is a security program and vulnerability management tool. DefectDojo allows you to manage your application security program, maintain product and application information, schedule scans, triage vulnerabilities and push findings into defect trackers. Consolidate your findings into one source of truth with DefectDojo.

Build Status Documentation Status

Quick Start

$ git clone https://github.com/DefectDojo/django-DefectDojo
$ cd django-DefectDojo
$ ./setup.bash
$ ./run_dojo.bash

navigate to 127.0.0.1:8000

Demo

If you'd like to check out a demo of DefectDojo before installing it, you can check out our PythonAnywhere demo site.

You can log in as an administrator like so:

Admin

You can also log in as a product owner / non-staff user:

Product owner

Additional Documentation

For additional documentation you can visit our Read the Docs site.

Installation Options

Debian, Ubuntu (16.04.2+) or RHEL-based Install Script

Docker

Ansible

Getting Started

We recommend checking out the about document to learn the terminology of DefectDojo, and the getting started guide for setting up a new installation. We've also created some example workflows that should give you an idea of how to use DefectDojo for your own team.

DefectDojo Client API's

  • DefectDojo Python API: pip install defectdojo_api or clone the repository.

Getting Involved

Slack

Get Access. Realtime discussion is done in the OWASP Slack Channel, #defectdojo.

Twitter

DefectDojo Twitter Account tweets project updates and changes.

Available Plugins

Engagement Surveys - A plugin that adds answerable surveys to engagements.

LDAP Integration

SAML Integration

Multi-Factor Auth

About Us

DefectDojo is maintained by:

Contributing

We greatly appreciate all of our contributors.

We would also like to highlight the contributions from Michael Dong and Fatimah Zohra who contributed to DefectDojo before it was open source.

Swag Rewards

If you fix an issue with the swag reward tag, we'll send you a shirt and some stickers!

Dojo tshirt front Dojo tshirt back

Support

Proceeds are used for testing, infrastructure, etc.

PayPal

Sponsors

Xing

Interested in becoming a sponsor and having your logo displayed? Please email greg.anderson@owasp.org

License

DefectDojo is licensed under the BSD Simplified license