Goal

Submit Lab 5 (SAST with Semgrep + DAST with ZAP/Nuclei/Nikto/SQLmap + SAST/DAST correlation).

Changes

• Added Semgrep SAST outputs and analysis.
• Added ZAP unauthenticated and authenticated scan reports + comparison.
• Added Nuclei, Nikto, and SQLmap scan outputs.
• Added correlation/summary analysis.
• Added final report in labs/submission5.md.

Testing

• Ran Semgrep with p/security-audit and p/owasp-top-ten.
• Ran ZAP baseline and authenticated automation scan.
• Ran Nuclei template scan against http://localhost:3000.
• Ran Nikto web scan against http://localhost:3000.
• Ran SQLmap against /rest/products/search and /rest/user/login.

Artifacts

• labs/submission5.md
• labs/lab5/semgrep/*
• labs/lab5/zap/*
• labs/lab5/nuclei/*
• labs/lab5/nikto/*
• labs/lab5/sqlmap/*
• labs/lab5/analysis/*
• labs/lab5/scripts/*

Checklist

• Title is clear and specific
• Docs updated if needed
• No secrets or large temp files committed

Lab Tasks

• Task 1 done — SAST Analysis with Semgrep
• Task 2 done — DAST Analysis (ZAP + Nuclei + Nikto + SQLmap)
• Task 3 done — SAST/DAST Correlation