search

marcel-haag / security-c4po

Security-C4PO is an open-source web-application for managing and documenting penetration tests. This tool allows a security tester to keep track of the testing progress according to the OWASP Testing Guide. This application aims to make the offical Testing Guide more actionable to work with.
http://security.c4po.dev/
Apache License 2.0
4 stars 1 forks source link

As a user I want to have an Pentest Overview #26

Open marcel-haag opened 2 years ago

marcel-haag commented 2 years ago

As a user I want to have an Overview of the Pentest after I click on a Project.

This Overview is split in three Parts

Part 1: Header (https://github.com/Marcel-Haag/security-c4po/issues/27)

The header has a button for the user to route him back to the project overview. It also support breadcrumps that should help the user to see where he is on the page.

Part 2: Sidenav of available categories (https://github.com/Marcel-Haag/security-c4po/issues/28)

The sidenav has the different Pentest steps in the correct order. Selecting a topic should update the Table on the right side and the Header breadcrump should be updated to include the title of the selected row.

Part 3: Table of available pentests (https://github.com/Marcel-Haag/security-c4po/issues/29)

Inside the table different information like the No., Title, Status and Findings is being displayed. When clicking on one row of the table the user should be redirected to a new page and the Header breadcrump should be updated to include the title of the selected row.

marcel-haag commented 2 years ago

PentestOverview

marcel-haag commented 2 years ago

Hints Check out the official testing guide from page 213 to 215: https://owasp.org/www-project-web-security-testing-guide/assets/archive/OWASP_Testing_Guide_v4.pdf

Supported catergories:

The possible status of an pentest can be one of these: (+ Not Started ; N/A) Status