One security vulnerability assessment/management tool to solve all of the security team's problems.
Jackhammer is a collaboration tool built to bridge the gap between the security team and the dev and QA teams, and to help TPMs understand and track the quality of the code going into production. It performs static code analysis and dynamic analysis and has built-in vulnerability management. It finds security vulnerabilities in the target applications and helps security teams manage the chaos in this new age of continuous integration and continuous/multiple deployments.
It works entirely on RBAC (Role-Based Access Control). There are cool dashboards for individual scans and team scans, giving ample flexibility to collaborate with different teams. It is built entirely on a pluggable architecture that can be integrated with any open source/commercial tool.
Jackhammer uses the OWASP pipeline project to run multiple open source and commercial tools against your code, web app, mobile app, CMS (WordPress), and network.
* license required ** commercial license required
You can add any scanner to Jackhammer within 10-30 minutes. Check the links/video.
See our Quick Start/Installation Guide if you want to try out Jackhammer as quickly as possible using Docker Compose.
git clone https://github.com/olacabs/jackhammer
sh ./docker-build.sh
username: jackhammer@olacabs.com
password: j4ckh4mm3r
sh ./docker-build.sh SingleUser
Sign up for access.
docker-compose stop
docker-compose rm
docker-compose up -d
The User Guide will give you an overview of how to use Jackhammer once you have things up and running.
username: admin@admin.com
password: admin@admin.com