threatdragon.github.io's Introduction

OWASP Threat Dragon

This repo provides the documentation site for Threat Dragon. Mike Goodwin created Threat Dragon as an open source community project that provides an intuitive and accessible way to model threats.

Threat Dragon is a threat modelling application which provides model diagramming and a rule engine to auto-generate threats/mitigations. Threat Dragon is an OWASP Lab Project run by volunteers. There is always plenty to do so please contribute your ideas and time if you can.

Testing the docs pages

  • make sure you have Jekyll installed, following the GitHub docs
  • install the dependencies with bundle install
  • run the site locally with bundle exec jekyll serve
  • browse to http://localhost:4000/ to check all is good
  • build the site with bundle exec jekyll build

Project leaders:

threatdragon.github.io's People

Contributors

bartleskeet, jgadsden, lreading, mike-goodwin, mike-goodwin-sage, threatdragon

threatdragon.github.io's Issues

ZAP Scan Baseline Report

View the following link to download the report.
RunnerID:2646969485

Permissions failure opening Mac desktop app

Reported in #439 'Permissions failure opening Mac desktop app', the .zip file does not work on all MacOS. Needs to be made clear in these docs, at public/pages/install/install-desktop.markdown

ZAP Scan Baseline Report

View the following link to download the report.
RunnerID:739586466

Be more secure

We are ignoring a whole load of possible vulnerabilities in our ZAP scan. This is a Bad Thing, and it would be good to correct this within the Jekyll framework

Clarify Docker Usage

OWASP/threat-dragon#313

We should not instruct users to use the latest tag, as that is automatically updated each time a new image is pushed. The build process for v2 pushes images to be able to run e2e tests as part of the build.

Add section on presentations

Over the years we have done various presentations and talks on Threat Dragon. It would be great to collect these into the docs area

Update docs theme

The present theme for the docs is 'Just the Docs', which is a plain theme. It would be good to update the theme so it is closer to the original (contained in branch 'original' in this repo) which can be seen at:

https://threatdragon.org/

ZAP Scan Baseline Report

  • Site: http://docs.threatdragon.org
    Ignored Alerts

    • Content Security Policy (CSP) Header Not Set [10038] total: 1:
    • Feature Policy Header Not Set [10063] total: 1:
    • Storable and Cacheable Content [10049] total: 1:
    • Cross-Domain Misconfiguration [10098] total: 1:
    • Modern Web Application [10109] total: 1:
    • X-Frame-Options Header Not Set [10020] total: 1:
    • Retrieved from Cache [10050] total: 1:
    • X-Content-Type-Options Header Missing [10021] total: 1:
  • Site: https://threatdragon.github.io
    New Alerts

    Ignored Alerts

    • Retrieved from Cache [10050] total: 4:
    • Strict-Transport-Security Header Not Set [10035] total: 3:
    • Storable and Cacheable Content [10049] total: 3:

View the following link to download the report.
RunnerID:784043729

ZAP Scan Baseline Report

View the following link to download the report.
RunnerID:696475861
