cds-snc / url-shortener

An API written in Python that shortens URLs
MIT License

Penetration Test Round 1 (after iATO) #137

Open ascheid opened 1 year ago

ascheid commented 1 year ago

Execution of security testing before go live

cgye commented 1 year ago

Will try with Burp Suite. Alvaro will help get a license 😄

cgye commented 1 year ago

Results of passive scanning using OWASP ZAP: here

Results of manual exploration using OWASP ZAP: here

cgye commented 1 year ago

Qualys SSL Lab scan found no issues: report (may not be persisted)

cgye commented 1 year ago

Created issues found from pen testing and source code review & testing in security risk register.

cgye commented 1 year ago

Will try with Burp Suite once we get a license.