Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
    Kim Carter
    @binarymist
    Actually thanks for that, I was waiting for them to get back to me... I'll just sub another PR (for NodeGoat) tomorrow. Thanks for stopping that falling through the cracks.
    Sing out if you know of any others also, thanks.
    Or... feel free to do so your self :-)
    Björn Kimminich
    @bkimminich
    Most don't like mixed PRs, so singing out here seems more like the road to merge-success... :-)
    Kim Carter
    @binarymist
    Probably quicker for me as I've got the repo forked and upstream added.
    Definatily
    I've been adding a bunch of specific PRs over the last couple of days
    Easier for them to say "thanks, but no thanks", but unlikely with NodeGoat.
    Björn Kimminich
    @bkimminich
    Gave you some backup on https://github.com/nixawk/pentest-wiki/pull/5#issuecomment-269297188 ... :-)
    Kim Carter
    @binarymist
    Cheers, interesting, Be keen on @ckarande to comment also on the ComposeHub
    Kim Carter
    @binarymist
    Added: paragonie/awesome-appsec#35
    Kim Carter
    @binarymist
    We're in: https://github.com/nixawk/pentest-wiki/blob/master/3.Exploitation-Tools/README.md#docker-for-penetration-testing
    Kim Carter
    @binarymist
    Feel free to help nudge this one @bkimminich @ckarande if you think my book series is good: nixawk/pentest-wiki#6
    Chetan Karande
    @ckarande
    @binarymist @bkimminich great to have NodeGoat in the pentest-wiki :sparkles: You guys are awsome! @binarymist I hope both your PR to awesome-appsec would get merged soon as well..
    Kim Carter
    @binarymist
    :thumbsup:
    Chetan Karande
    @ckarande
    @bkimminich I like the idea of using composehub.. I will explore that option.. do you use it for the Juice Shop?
    Björn Kimminich
    @bkimminich
    Not yet, but once the CTF cluster will be available, I probably will.... https://github.com/bkimminich/juice-shop-ctf
    Kim Carter
    @binarymist
    Thanks @ckarande https://github.com/nixawk/pentest-wiki/tree/master/Books#defensive-development
    Chetan Karande
    @ckarande
    :+1: I like the way you have split your book @binarymist into fascicles..you can update them independently.. mostly likely 1st would need less frequent updates than 2nd and mostly 3rd.
    Kim Carter
    @binarymist
    NodeGoat will be on JavaScript Jabber now. Did an interview yesterday and one today for them.
    Chetan Karande
    @ckarande
    Great!th
    Thanks for spreading the word
    Björn Kimminich
    @bkimminich
    @binarymist Awesome! 👍
    Kim Carter
    @binarymist
    Now in https://github.com/sbilly/awesome-security#docker-images-for-penetration-testing--security
    Kim Carter
    @binarymist
    You may be able to use this one @ckarande https://youtu.be/VO2pPKTS2aQ
    Chetan Karande
    @ckarande
    Awesome. .thanks for sharing
    Kim Carter
    @binarymist
    NodeGoat added: https://github.com/devsecops/awesome-devsecops#labs
    Chetan Karande
    @ckarande
    Awesome...
    Kim Carter
    @binarymist
    Recent presentation with NodeGoat under security regression test, starts about 33 minutes in: https://www.youtube.com/watch?v=IVLpmCtiPZ0&list=PLE58b5NgENKm3h5r2R17Q4ypZIGjDI4n
    Chetan Karande
    @ckarande
    Well done.. thanks
    Kshitij
    @kshtijsingh
    Hey!! I am Kshitj. I know JAVA, Python, C, Javascript, ruby, net, HTML5, CSS3. I want to contribute in your repo for GSoC.
    Kim Carter
    @binarymist
    Cool!
    Farman Pirzada
    @farmanp
    is this group still active?
    Bhanu Mokkala
    @bhanu2507
    Hi All
    checkmarx is throwing a not 'validated & sanitized' vulnerability on my nodejs express endpoint query parameter.
    I tried validating the input using validate.js
    Any help is appreciated
    Josep Servat
    @servatj
    Hi all, my name is Josep. I'm trying to help on this project is there a way to get an invitation to the slack channel? Thanks in advance.
    Chetan Karande
    @ckarande
    @servatj Welcome to the project. You can join the owasp-community channel via https://join.slack.com/t/owasp/shared_invite/enQtNjExMTc3MTg0MzU4LTViMDg1MmJiMzMwZGUxZjgxZWQ1MTE0NTBlOTBhNjhhZDIzZTZiNmEwOTJlYjdkMzAxMGVhNDkwNDNiNjZiOWQ. One you are there, I will request the admin to add you to the NodeGoat specific channel
    Kirsten Hunter
    @synedra_twitter
    Your heroku documentation server is down, and I need to read the content. An invite to the slack channel would be swell, too - you don't make it clear that you have to get an invite in the README.
    Kirsten Hunter
    @synedra_twitter
    Is this group still active? I need to know how to test issues against the server, and the documentation server is returning application errors.
    Chetan Karande
    @ckarande
    @synedra_twitter Thanks for pointing it out. Looking into this issue will bring up the heroku site soon
    Chetan Karande
    @ckarande
    Please try now..
    Also, thanks for inputs on the slack channel. The slack channel is owned by OWASP org account and hence we have to go over hoops to get into it. We will look it simplifying it and updating README explaining the invite process..
    In the meantime, please continue to use gitter
    Or open an issue on github repo as you did
    sudheer
    @VilluriSudheer_twitter
    how to run dependency-check cli in node js project
    we need to scan only package.json ?
    Chetan Karande
    @ckarande
    Hi @VilluriSudheer_twitter , I am not sure if it is supported yet, you may ask about it on the dependency-check forum
    https://groups.google.com/forum/?fromgroups#!forum/dependency-check