Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
2 Getting Started
- JDK 8
- (Optional) to test SSL, install SSLyze
- (Optional) to run tests with Nessus you'll need a Nessus server with the API enabled
Run the Demo
Download a vulnerable web application
BDD-Security tests web applications and servers from the outside. To get started with a quick demonstration, we provide a vulnerable web application in the form of a self-executing .jar file from here.
Launch this application in a terminal:
java -jar ropeytasks.jar
git clone https://github.com/continuumsecurity/bdd-security.git
Execute only the 'authentication' feature:
./gradlew -Dcucumber.options="--tags @authentication --tags ~@skip"
View the test results in ./build/reports/cucumber/pretty/feature-overview.html
To execute all the features including ZAP scanning: