Security Testing

Combine Selenium with OWASP’s Xelenium project or Zed Attack Proxy (ZAP) to perform easy-to-use, integrated penetration testing that finds vulnerabilities in web applications. Both Xelenium and ZAP are distributed through the Open Web Application Security Project (OWASP), a 501(c)(3) worldwide not-for-profit charitable organization focused on improving the security of software.

SonarQube’s OWASP results


Some of OWASP’s functionality:

 


Xelenium Project: Xelenium is an automation testing tool that can be used to identify the security vulnerabilities present in a web application. Xelenium uses Selenium WebDriver as its engine and has been developed using Java Swing.

The Zed Attack Proxy (ZAP): ZAP is an easy-to-use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually.
