0006956: DefectDojo - Kali Linux Bug Tracker

ID	Project	Category	View Status	Date Submitted	Last Update
0006956	Kali Linux	Queued Tool Addition	public	2020-12-30 03:48	2021-08-13 12:59

Reporter	devGregA	Assigned To
Priority	normal	Severity	minor	Reproducibility	N/A
Status	closed	Resolution	duplicate

Summary	0006956: DefectDojo
Description	[Name] - The name of the tool OWASP DefectDojo [Version] - What version of the tool should be added? 1.11.0 [Homepage] - https://www.defectdojo.org/ https://github.com/DefectDojo/django-DefectDojo https://defectdojo.readthedocs.io/en/latest/ [Download] - Where to go to get the tool? https://github.com/DefectDojo/django-DefectDojo/releases/tag/1.11.0 or https://hub.docker.com/u/defectdojo - docker images are the easiest way to get the new releases. [Author] - Who made the tool? DefectDojo is maintained by a group: https://github.com/DefectDojo/django-DefectDojo#project-moderators, but I am the original author. [Licence] - How is the software distributed? What conditions does it come with? BSD 3-Clause https://github.com/DefectDojo/django-DefectDojo/blob/master/LICENSE.md [Description] - What is the tool about? What does it do? Combines scan results from multiple scanners to consolidate metrics, make reporting easier, and remove duplicates / false positive using heuristic algorithms. [Dependencies] - What is needed for the tool to work? If docker is an option, only the docker images. We typically recommend adding the start up to Systemctl [Similar tools] - What other tools are out there? Threadfix, CodeDX, Dradis. [Activity] - When did the project start? Is is still actively being deployed? Approximately 7 years ago. Yes, actively maintained and continuing to grow. We're a flagship project under OWASP. [How to install] - How do you compile it? No compiling is necessary with the docker images. Note, using source code to acquire (e.g. git clone/svn checkout) can't be used - Also downloading from the head. Please use a "tag" or "release" version. [How to use] - What are some basic commands/functions to demonstrate it? Example 1: Say you like using openVAS for scanning infrastructure and ZAP for applications. DefectDojo is an easy way to take the results from both and export one report without having to manually combine. Example 2: Say you really like Burp Suite for finding some vulnerabilities, but you also like Arachni for others. You can ship the results from both into DefectDojo. Dojo will attempt to remove duplicates/overlap by looking at the endpoint/location and finding details. [Packaged] - Is the tool already packaged for Debian? There is not, but we have a maintainer who is familiar with Debian packaging and happy to assist.

g0tmi1k 2021-01-08 13:26 administrator ~0014053	@kali-team, please could this be packaged up. @author, If you want to help the packaging process, you can check the documentation here ~ https://www.kali.org/docs/development/public-packaging

devGregA 2021-01-11 22:08 reporter ~0014107	Thanks for getting back to me @g0tmi1k. Will review the packaging process and discuss with the team. Back with you shortly.

devGregA 2021-01-17 06:31 reporter ~0014117	We've reviewed and will take a first run at the packaging. Expecting to be able to complete it this week.

devGregA 2021-04-12 21:51 reporter ~0014461	All, sorry for the delay. We have made bandwith and have started the effort.

Date Modified	Username	Field	Change
2020-12-30 03:48	devGregA	New Issue
2021-01-08 13:24	g0tmi1k	Summary	Please Consider Adding OWASP DefectDojo => OWASP DefectDojo
2021-01-08 13:26	g0tmi1k	Note Added: 0014053
2021-01-08 13:26	g0tmi1k	Status	new => acknowledged
2021-01-08 13:26	g0tmi1k	Category	New Tool Requests => Queued Tool Addition
2021-01-11 22:08	devGregA	Note Added: 0014107
2021-01-17 06:31	devGregA	Note Added: 0014117
2021-04-12 21:51	devGregA	Note Added: 0014461
2021-08-13 12:58	g0tmi1k	Summary	OWASP DefectDojo => DefectDojo
2021-08-13 12:59	g0tmi1k	Status	acknowledged => closed
2021-08-13 12:59	g0tmi1k	Resolution	open => duplicate
2021-08-13 12:59	g0tmi1k	Relationship added	duplicate of 0006898