documentation-pocs.safelabs.com.br
134.65.236.85  Public Scan

URL: https://documentation-pocs.safelabs.com.br/
Submission: On July 13 via automatic, source certstream-suspicious — Scanned from CA

Form analysis 2 forms found in the DOM

<form class="md-header__option" data-md-component="palette">
  <input class="md-option" data-md-color-media="(prefers-color-scheme: dark)" data-md-color-scheme="slate" data-md-color-primary="deep-purple" data-md-color-accent="amber" aria-label="Switch to light mode" type="radio" name="__palette"
    id="__palette_1">
  <label class="md-header__button md-icon" title="Switch to light mode" for="__palette_2" hidden="">
    <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24">
      <path d="M17 7H7a5 5 0 0 0-5 5 5 5 0 0 0 5 5h10a5 5 0 0 0 5-5 5 5 0 0 0-5-5m0 8a3 3 0 0 1-3-3 3 3 0 0 1 3-3 3 3 0 0 1 3 3 3 3 0 0 1-3 3z"></path>
    </svg>
  </label>
  <input class="md-option" data-md-color-media="(prefers-color-scheme: light)" data-md-color-scheme="default" data-md-color-primary="deep-purple" data-md-color-accent="amber" aria-label="Switch to dark mode" type="radio" name="__palette"
    id="__palette_2">
  <label class="md-header__button md-icon" title="Switch to dark mode" for="__palette_1">
    <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24">
      <path d="M17 6H7c-3.31 0-6 2.69-6 6s2.69 6 6 6h10c3.31 0 6-2.69 6-6s-2.69-6-6-6zm0 10H7c-2.21 0-4-1.79-4-4s1.79-4 4-4h10c2.21 0 4 1.79 4 4s-1.79 4-4 4zM7 9c-1.66 0-3 1.34-3 3s1.34 3 3 3 3-1.34 3-3-1.34-3-3-3z"></path>
    </svg>
  </label>
</form>

Name: search

<form class="md-search__form" name="search">
  <input type="text" class="md-search__input" name="query" aria-label="Search" placeholder="Search" autocapitalize="off" autocorrect="off" autocomplete="off" spellcheck="false" data-md-component="search-query" required="">
  <label class="md-search__icon md-icon" for="__search">
    <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24">
      <path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5z"></path>
    </svg>
    <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24">
      <path d="M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11h12z"></path>
    </svg>
  </label>
  <nav class="md-search__options" aria-label="Search">
    <a href="https://documentation-pocs.safelabs.com.br/?q=" class="md-search__icon md-icon" aria-label="Share" data-clipboard="" data-clipboard-text="javascript:void(0)" data-md-component="search-share" tabindex="-1">
            <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M18 16.08c-.76 0-1.44.3-1.96.77L8.91 12.7c.05-.23.09-.46.09-.7 0-.24-.04-.47-.09-.7l7.05-4.11c.54.5 1.25.81 2.04.81a3 3 0 0 0 3-3 3 3 0 0 0-3-3 3 3 0 0 0-3 3c0 .24.04.47.09.7L8.04 9.81C7.5 9.31 6.79 9 6 9a3 3 0 0 0-3 3 3 3 0 0 0 3 3c.79 0 1.5-.31 2.04-.81l7.12 4.15c-.05.21-.08.43-.08.66 0 1.61 1.31 2.91 2.92 2.91 1.61 0 2.92-1.3 2.92-2.91A2.92 2.92 0 0 0 18 16.08z"></path></svg>
          </a>
    <button type="reset" class="md-search__icon md-icon" aria-label="Clear" tabindex="-1">
      <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24">
        <path d="M19 6.41 17.59 5 12 10.59 6.41 5 5 6.41 10.59 12 5 17.59 6.41 19 12 13.41 17.59 19 19 17.59 13.41 12 19 6.41z"></path>
      </svg>
    </button>
  </nav>
  <div class="md-search__suggest" data-md-component="search-suggest"></div>
</form>

Text Content

✨ RAIDSTORM OWASP SECURITY TEST


📋 DESCRIPTION

In this project we have 7 components, 5 of which are microservices, plus a
database and a security scanning service proxy:

 * documentation - Provides this documentation
 * api-bff - RESTful entry point
 * active-scan - Microservice that communicates with zaproxy to perform active
   URL scanning
 * passive-scan - Microservice that communicates with zaproxy to perform passive
   URL scanning
 * security-alerts - Microservice that receives data from scanners, saves it in
   the postgresql database and also delivers data to the main API with scanner
   results
 * postgresql - Application database
 * rabbitmq - AMQP service used to transmit information from the microservices
 * zaproxy - Two ZAP containers for passive and active security scans, one
   called zap-passive and the other zap-active.

Question

See more details in Diagram


ORGANISING THIS DOCUMENTATION

 * Planning - POC planning
 * Requirements - Functional and non-functional POC requirements
 * Project - Minimum viable POC microarchitecture
 * Diagram - Project overview diagrams
 * Stack - Stacks used in the project
 * Contributions - POC contributors, or who to call when in doubt
 * Versions - Information on changes in each version released for testing


MVP


👔 USER STORIES:

EPIC: Tests

As a tester, I want to be able to perform passive URL scanning and obtain a
report containing test information.

As a tester, I want to be able to perform active URL scanning and obtain a
report containing test information.


RESOURCES USED FOR EACH SERVICE:

Service   CPU    Memory
ZaProxy   350%   3.5 GB
APIBFF    30%    6


👔 CONCEPTS

 * Active scanner: Active scanning attempts to find potential vulnerabilities by
   using known attacks against the selected targets. Active scanning is an
   attack on those targets.

 * Passive scanner: The passive scanner is run in conjunction with the spider
   and doesn't alter the requests or responses in any way and is therefore safe
   to use. This is good for finding problems such as missing security headers or
   missing anti-CSRF tokens, but not good for finding vulnerabilities such as
   XSS.


🔧 COMMANDS

 * docker compose build - Download and build the images needed for the project
 * docker compose up -d - Initializes the images, in order, for the project to
   work
