Session Video
Notable logs from the chat during the session
14:39:25 From Abhay Bhargav : https://github.com/we45
14:57:18 From Didar Gelici : this is their repo where you can find some robot framework related tools
14:57:32 From Didar Gelici : and also robotframework.org for the overview and cheatsheets
14:39:40 From Abhay Bhargav : https://github.com/we45/oss-live-code
14:46:18 From Didar Gelici : Abhay and we45 also have a lot of good tutorials on their youtube channel, check it out after the session : https://www.youtube.com/channel/UC7xOsHYvdtJ9sNp0AZx7H2w
15:00:50 From Abhay Bhargav : https://github.com/we45/RoboNodeJSScan
15:01:24 From Abhay Bhargav : https://github.com/ajinabraham/nodejsscan
15:12:49 From Dharam Patel : Is there any solution to scan c sharp code?
15:12:57 From Abhay Bhargav : Security Code Scan
15:13:11 From Abhay Bhargav : https://github.com/security-code-scan/security-code-scan
15:21:15 From Abhay Bhargav : docker run -d -p 5050:5050 abhaybhargav/vul_flask
15:30:20 From Seco : Is there any way to automatically import REST/SOAP API request from Swagger into ZAP without manual intervention?
15:30:55 From N/A : Can you build complex flows, like oauth authentication before starting to scan?
15:31:50 From evanjones : Its okay for directory discovery
15:32:41 From Shivani : yeah like header are missing in the web app ..
15:45:29 From N/A : Any dashboard to gather and see all results?
15:45:52 From Dharam Patel : is there integration with datadog?
15:46:48 From Dharam Patel : Lambda will be good to show if you can
15:48:24 From LJ : sorry i lost connectivity and not sure if u already answered it..I just wanted to understand that is there a possible way to use encrypted password directly (like may be using function from library) instead of pulling the password from a file stored some where?..
About this talk
In this talk, Ill be looking at leveraging Python Test Automation Frameworks like Robot Framework and Gauge to perform easy-to-use and powerful AppSec Automation for SAST, DAST, SCA and pretty much anything else.
I will be doing this live-code style (mostly). So do join in and let’s do an interactive and exploratory journey on AppSec Automation with Python
** things you’ll need to follow along **
- Python3 and pip installed and available on your machine (useful link: https://realpython.com/courses/installing-python-windows-macos-linux/)
- Visual Studio Code - I will be using Visual Studio code, but you can use an IDE/Text editor of your choice
- Sufficient privileges on your laptop/machine to install and run python libraries and code