Skip to content

Latest commit

 

History

History
93 lines (71 loc) · 4.57 KB

README.md

File metadata and controls

93 lines (71 loc) · 4.57 KB

License badge Documentation badge Build Status codecov

Copyright © 2017-2019 ElasTest. Licensed under Apache 2.0 License.

elastest-security-service

The ElasTest Security Service (ESS) can be used to detect security vulnerabilities in the System Under Test (SuT). A tester provides a TJob (e.g., a docker container containing a functional test of the SuT) as input to the ESS and which in turn will generate one or more TJobs that helps in identifying a security vulnerability. ESS supports the detection of two different types of vulnerabilities:

  1. Common web application vulnerabiilities such as XSS
  2. Vulnerabilities that are not very well supported by currently available pentest tools

The documentation for using the component is available here.

For accessing Basta-COSI, please visit https://gitlab.software.imdea.org/avinash.sudhodanan/cosi-test/tree/develop

What is ElasTest

This repository is part of ElasTest, which is an open source elastic platform aimed to simplify end-to-end testing. ElasTest platform is based on three principles: i) Test orchestration: Combining intelligently testing units for creating a more complete test suite following the “divide and conquer” principle. ii) Instrumentation and monitoring: Customizing the SuT (Subject under Test) infrastructure so that it reproduces real-world operational behavior and allowing to gather relevant information during testing. iii) Test recommendation: Using machine learning and cognitive computing for recommending testing actions and providing testers with friendly interactive facilities for decision taking.

Documentation

The ElasTest project provides detailed documentation including tutorials, installation and development guide.

Source

Source code for other ElasTest projects can be found in the GitHub ElasTest Group.

News

Follow us on Twitter @ElasTest Twitter.

Licensing and distribution

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Contribution policy

You can contribute to the ElasTest community through bug-reports, bug-fixes, new code or new documentation. For contributing to the ElasTest community, you can use the issue support of GitHub providing full information about your contribution and its value. In your contributions, you must comply with the following guidelines

  • You must specify the specific contents of your contribution either through a detailed bug description, through a pull-request or through a patch.
  • You must specify the licensing restrictions of the code you contribute.
  • For newly created code to be incorporated in the ElasTest code-base, you must accept ElasTest to own the code copyright, so that its open source nature is guaranteed.
  • You must justify appropriately the need and value of your contribution. The ElasTest project has no obligations in relation to accepting contributions from third parties.
  • The ElasTest project leaders have the right of asking for further explanations, tests or validations of any code contributed to the community before it being incorporated into the ElasTest code-base. You must be ready to addressing all these kind of concerns before having your code approved.