OWASP / OWASP-VWAD

The OWASP Vulnerable Web Applications Directory project (VWAD) is a comprehensive and well maintained registry of all known vulnerable web applications currently available.
https://owasp.org/www-project-vulnerable-web-applications-directory/
Apache License 2.0

Restructuring categories menu and classifying apps in multiple categories #153

Closed raulsiles closed 2 years ago

raulsiles commented 2 years ago

Related to the discussion in issue #152, OWASP Security Shepherd (https://owasp.org/www-project-security-shepherd/) seems like a good example that should appear in three categories: Offline (manual setup), VM and docker environment (twice, mentioning the new proposed Container category), and Mobile (Android app). Details at https://github.com/OWASP/SecurityShepherd/wiki.

Currently it is only listed in VWAD under Offline.

raulsiles commented 2 years ago

Another good example of a target app that is already in the Offline and Online categories of VWAD is OWASP-SKF: https://owasp.org/www-project-security-knowledge-framework/.

kingthorin commented 2 years ago

Should we start a blockchain (or similar) category?

https://mobile.twitter.com/0xAsm0d3us/status/1474757258642800648

kingthorin commented 2 years ago

Maybe we just move to a single file and include a type or collection array? Then there aren't duplicate entries.

psiinon commented 2 years ago

I'd love this to be a single filterable table. I'm guessing that's not possible with the OWASP wiki? So ... how about we put it on a GitHub pages site? We could use the same infra as we do for zaproxy.org but the site would be much simpler, maybe just one page? It could still live on the OWASP domain, e.g. vwad.owasp.org. I'd be able to help with some of the handle turning ...

kingthorin commented 2 years ago

Hmmm there are filterable tables elsewhere on the site, I’ll look into it.

However what I was actually meaning is tweaking the format of the data file(s).

psiinon commented 2 years ago

:D I'm fine with that

kingthorin commented 2 years ago

Okay so here's my plan if you agree:

  1. I'll update the JSON schema to use an array for the "collections" the apps should be part of.
  2. I'll paste all the JSON together in a single file.
  3. Order it by name and combine any duplicate entries.
  4. That single file will become the new data file for the directory.
  5. I'll update the various GitHub actions and web deployed content, etc to use the new schema and single data file.
  6. I'll tackle other issues like adding table filtering, a deprecated notation or ordering by activity/stars (I believe that was suggested by Bjeorn somewhere).

All of that will be multiple PRs, but that's the overall plan (at this point).
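Steps 1 to 4 of the plan above, merging the per-category JSON files into one file keyed by app name with a `collections` array, can be sketched as follows. This is an added example and not VWAD's own tooling; the entry fields (`name`, `url`), the collection names, and the sample entries are assumptions or constructed data based only on the categories and apps mentioned in this thread, not the project's real schema. It goes slightly beyond the plan by adding a validation pass that flags what a merge can get wrong (duplicate names, empty or unknown collections), which is the check a reviewer of such a data-file PR would want.

```python
import json

# Collection names for the new schema. This list is an assumption drawn from
# the categories named in the thread; the real list is defined by the project.
KNOWN_COLLECTIONS = ("offline", "online", "vm", "container", "mobile")

# Constructed sample input: one JSON document per old category file, embedded
# as strings so the example runs offline. Field names are assumptions.
CATEGORY_FILES = {
    "offline": """[
      {"name": "OWASP Security Shepherd", "url": "https://owasp.org/www-project-security-shepherd/"},
      {"name": "OWASP SKF", "url": "https://owasp.org/www-project-security-knowledge-framework/"}
    ]""",
    "online": """[
      {"name": "OWASP SKF", "url": "https://owasp.org/www-project-security-knowledge-framework/"}
    ]""",
    "vm": """[
      {"name": "OWASP Security Shepherd", "url": "https://owasp.org/www-project-security-shepherd/"},
      {"name": "Example Lab (constructed)", "url": "https://example.invalid/lab"}
    ]""",
    "mobile": """[
      {"name": "owasp security shepherd", "url": "https://owasp.org/www-project-security-shepherd/"}
    ]""",
}


def merge_categories(category_docs):
    """Return one name-sorted list of entries, each with a "collections" array.

    Entries are matched across files by case-insensitive name. The first file
    that mentions an app supplies its fields; later files only fill in fields
    it lacks, so the merge never silently overwrites existing data.
    """
    merged = {}
    for collection, doc in category_docs.items():
        for entry in json.loads(doc):
            key = entry["name"].casefold()
            rec = merged.get(key)
            if rec is None:
                rec = dict(entry)
                rec["collections"] = []
                merged[key] = rec
            else:
                for field, value in entry.items():
                    rec.setdefault(field, value)
            if collection not in rec["collections"]:
                rec["collections"].append(collection)
    return sorted(merged.values(), key=lambda e: e["name"].casefold())


def validate(entries, known=KNOWN_COLLECTIONS):
    """Return a list of problems found in a merged file; empty means consistent."""
    problems = []
    seen = set()
    for entry in entries:
        name = entry.get("name", "").strip()
        if not name:
            problems.append("entry without a name: %r" % (entry,))
            continue
        if name.casefold() in seen:
            problems.append("duplicate entry: %s" % name)
        seen.add(name.casefold())
        cols = entry.get("collections")
        if not isinstance(cols, list) or not cols:
            problems.append("%s: collections must be a non-empty array" % name)
            continue
        for col in cols:
            if col not in known:
                problems.append("%s: unknown collection %r" % (name, col))
    return problems


if __name__ == "__main__":
    merged = merge_categories(CATEGORY_FILES)
    print(json.dumps(merged, indent=2))
    for problem in validate(merged):
        print("PROBLEM:", problem)
```

Running the script prints the merged file: Security Shepherd appears once with `["offline", "vm", "mobile"]`, SKF with `["offline", "online"]`, and the differently cased "owasp security shepherd" from the mobile file is folded into the existing entry rather than becoming a duplicate.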

kingthorin commented 2 years ago

All done. Both repos adapted/updated. Sorry I had to do a few direct pushes, I do try to avoid that but I was kinda rushing to fix things.