Looking for a good example of Arachni in a DevSecOps Pipeline

Art

01 May, 2019 01:25 PM

I need to do a presentation tomorrow to a set of "C" level people, and I'm looking to create a simple use case to show how a DevSecOps pipeline works. I'm first illustrating a security error (I created a simple XSS attack in jsFiddle). Now I want to show how a tool like Arachni would detect the innerHtml in the code, and alert the developer that a possible vulnerability exists.
https://jsfiddle.net/anicewick/cd6uqkvo/3/

Sadly, the machine I am working on is hardened, and I cannot install or remotely access a lot of facilities (I can't even access my AWS instance).
I'm not 100% sure that Arachni has what I want, but I'd like to talk to someone to find out.
