Feature/lab5 #499

Open
ArthurBabkin wants to merge 14 commits into inno-devops-labs:main from ArthurBabkin:feature/lab5

@ArthurBabkin

Goal

Add Lab 5 submission: static and dynamic security analysis of OWASP Juice Shop.

Changes

  • Ran Semgrep SAST on Juice Shop source (140 rules, 25 findings)
  • ZAP unauthenticated baseline + authenticated scan (auth via Automation Framework)
  • Nuclei, Nikto, SQLmap scans with full output artifacts
  • SAST/DAST correlation analysis
  • Documented findings in labs/submission5.md

Testing

  • Task 1 done — SAST Analysis with Semgrep
  • Task 2 done — DAST Analysis (ZAP + Nuclei + Nikto + SQLmap)
  • Task 3 done — SAST/DAST Correlation

Artifacts & Screenshots

  • labs/lab5/semgrep/ — Semgrep JSON + text report
  • labs/lab5/zap/ — ZAP noauth + auth HTML/JSON reports
  • labs/lab5/nuclei/ — Nuclei JSONL results
  • labs/lab5/nikto/ — Nikto text report
  • labs/lab5/sqlmap/ — SQLmap CSV results
  • labs/lab5/analysis/ — sast-analysis.txt, correlation.txt

Checklist

  • PR title is clear and describes the changes
  • Documentation updated if needed
  • No secrets, API keys, or large temp files in commits
