2 Getting Started

Stefan Streichsbier edited this page Jul 11, 2016 · 3 revisions

Prerequisites

  1. JDK 8
  2. (Optional) To test SSL, install SSLyze
  3. (Optional) To run tests with Nessus, you'll need a Nessus server with the API enabled

Run the Demo

Download a vulnerable web application

BDD-Security tests web applications and servers from the outside. To get started with a quick demonstration, we provide a vulnerable web application in the form of a self-executing .jar file from here.

Launch this application in a terminal:

 java -jar ropeytasks.jar

Check out BDD-Security

 git clone https://github.com/continuumsecurity/bdd-security.git

From the cloned bdd-security directory, execute only the 'authentication' feature:

 ./gradlew -Dcucumber.options="--tags @authentication --tags ~@skip"

View the test results in ./build/reports/cucumber/pretty/feature-overview.html

To execute all the features including ZAP scanning:

 ./gradlew