Where communities thrive

Join over 1.5M+ people
Join over 100K+ communities
Free without limits
Create your own community

Explore more communities

Security Knowledge Framework/Lobby

Welcome to the OWASP-SKF chat room, if you need help or have questions then you are at the right place! https://securityknowledgeframework.org You can also ask our Chatbot questions regarding to security vulnerabilities: @botSKF_gitlab what is xss?

People

Repo info

Activity

12:15

Travis blabla1337/skf-flask (juice-shop-integration) still failing (2710)
11:58

Travis blabla1337/skf-flask@f9edfe9 (juice-shop-integration) failed (2709)
Mar 25 10:28

Travis blabla1337/skf-flask (K8-integration) still failing (2708)
Mar 23 16:41

Travis blabla1337/skf-flask#572 broken (2707)
Mar 23 15:40

Travis blabla1337/skf-flask#571 broken (2706)
Mar 20 15:03

Travis blabla1337/skf-flask (K8-integration) still failing (2705)
Mar 18 23:52

Travis blabla1337/skf-flask (K8-integration) still failing (2704)
Mar 18 16:48

Travis blabla1337/skf-flask (K8-integration) still failing (2703)
Mar 18 12:54

Travis blabla1337/skf-flask (K8-integration) still failing (2702)
Mar 18 09:57

Travis blabla1337/skf-flask (K8-integration) still failing (2701)
Mar 18 09:54

Travis blabla1337/skf-flask (K8-integration) still failing (2700)
Mar 17 14:35

Travis blabla1337/skf-flask (K8-integration) still failing (2699)
Mar 16 15:51

Travis blabla1337/skf-flask (K8-integration) still failing (2698)
Mar 16 11:29

Travis blabla1337/skf-flask (K8-integration) still failing (2697)
Mar 16 10:07

Travis blabla1337/skf-flask (K8-integration) still failing (2696)
Mar 12 16:43

Travis blabla1337/skf-flask#570 broken (2695)
Mar 12 15:58

Travis blabla1337/skf-flask#569 broken (2694)
Mar 12 08:26

Travis blabla1337/skf-flask@6c8b519 (K8-integration) failed (2693)
Mar 07 16:44

Travis sthagen/skf-flask (master) still failing (6)
Mar 07 16:42

Travis sthagen/skf-flask#3 errored (5)

arunshrm101fss

@arunshrm101fss

SKF_API_URL=http://external_ip:8888/api

arunshrm101fss

@arunshrm101fss

logs

CERT=/home/user_skf/server.pem

KEY=/home/user_skf/server.key
PORT=443
[[ change_this_super_secret_random_string != \c\h\a\n\g\e\m\e ]]
perl -pi -e 's/JWT_SECRET = '\'''\''/JWT_SECRET = '\''change_this_super_secret_random_string'\''/' /home/user_skf/skf/settings.py
[[ 3x.xx.xxx.xxx != '' ]]
perl -pi -e 's/*/https:\/\/ 3x.xx.xxx.xxx/' /home/user_skf/skf/settings.py
perl -pi -e 's/http:\/\/127.0.0.1:8888\/api/https:\/\/ 3x.xx.xxx.xxx\/api/' /home/user_skf/Angular/src/environments/environment.prod.ts
mkdir /run/nginx

Akash M

@AkashM398

securityknowledgeframework.org is down?

Akash M

@AkashM398

@blabla1337 it shows some privacy error and redirects to transip website. Can you look into this issue?

Glenn ten Cate

@blabla1337

@arunshrm101fss hmm weird

can you show me how your run command looks like now?

to start the docker

@AkashM398 yes sorry it was due to the move to a different DNS and hosting platform

but its fixed agian

thanks

Glenn ten Cate

@blabla1337

Guys we are also very busy to make a docker-compose file for local deployment

it looks like its working good

but need to do some more testing

also this version will allow you to spin the labs from SKF automatically

Riccardo ten Cate

@RiieCco

To give everybody an idea how it works:
https://youtu.be/Qbclz6kVoVg

Mehtab Zafar

@mzfr

oh this will be an amazing addition

mohammed elmasry

@M4sry__twitter

hello

i'd like to know how to install these labs

Riccardo ten Cate

@RiieCco

Hey!

For now you can either pull the repository and run them as flask apps with pytohn3

https://github.com/blabla1337/skf-labs

Or run the images from our Docker-hub on any host machine that runs Docker

https://owasp-skf.gitbook.io/asvs-write-ups

Each lab write up tells how to run the images

The new release where you can connect SKF to your Kubernetes cluster is still in development

Although released pretty soon

bcncarles

@bcncarles

@fernandodebrando I have the same issue. Were you able to solve the localhost issue? When I click Create Accound the request goes to localhost

Glenn ten Cate

@blabla1337

@bcncarles what installation did you follow?

So I can give you some guidance

bcncarles

@bcncarles

Hi Glenn, thanks for your help
I'm triying to do Deployment of SKF Framework to Azure Web App for Containers

I set
ORIGIN: https://taasecurityskf.azurewebsites.net
WEBSITES_PORT:80
JWT_SECRET:XXXX
HTTPS=false
FRONTEND_URI: http://taasecurityskf.azurewebsites.net
I tried to modify skf-angular.sh with this option but nothing
ng serve --configuration=production --host 0.0.0.0 --disable-host-check

Is it possible to deploy only work with localhost? Or perhaps I need change other configuration. If you need more info I can to do a video and then you will see what I did.
Regards

bcncarles

@bcncarles

bcncarles

@bcncarles

@blabla1337 what is the parameter responsable to do the postbacks to localhost and where is it?

After every Change I launched below instructions with my parameters

docker build -t image-name:latest .
docker login yourregistryname.azurecr.io
docker tag image-name:latest yourregistryname.azurecr.io/username/image-name
docker push yourregistryname.azurecr.io/username/image-name

mohammed elmasry

@M4sry__twitter

while pulling docker it stucks while downloading ! any help ?!

Glenn ten Cate

@blabla1337

@bcncarles Hmm I see you miss a value

SKF_API_URL

this would point to your backend api

https://taasecurityskf.azurewebsites.net/api

so what you can do is

use the api and the angular docker images that we also use for GKE

in here you can set all those ENV variables on the docker image

for example

the front end image only takes this one: FRONTEND_URI

in your case with value http://taasecurityskf.azurewebsites.net

then for the api docker image you have multiple ENV variables

Glenn ten Cate

@blabla1337

SKF_API_URL

this would point to your backend api
https://taasecurityskf.azurewebsites.net/api

JWT_SECRET