The Bag of Holding is an application to assist in the organization and prioritization of software security activities.
Check out these talks which cover building your own AppSec pipeline:
For information about what's new as well as known issues, see RELEASES.md.
For information on setting up a development environment, see INSTALL.md.
Build and start the container
docker build -t bag-of-holding .
docker run -d -p 8000:8000 --name boh-server bag-of-holding:latest
Create super-user
docker exec -it boh-server sh
python3 /bag-of-holding/project/manage.py createsuperuser
The following command retrieves the latest metrics from ThreadFix for connected applications. We recommend running it daily as a cron job.
python manage.py cron --threadfix