Skip to content
This repository was archived by the owner on Apr 26, 2021. It is now read-only.

hmcts/cmc-security-scan

BranchesTags

Repository files navigation

CMC Security Scan

This is the security scan using ZAP proxy.

Getting Started

Prerequisites

The following software needs to be installed:

Local environment setup

In addition to above, a link to integration tests should exist as security scan runs integration tests through ZAP proxy. Link can be created using the following command:

$ ./bin/link-integration-tests-project.sh <path-to-integration-tests>

Starting dockerized environment

To start environment including ZAP proxy, Selenium Webdriver and CMC service stack please run the following command:

$ ./bin/start-environment.sh

There is a convenience stop-environment script as well.

Run integration tests through ZAP proxy

To run integration tests through ZAP proxy in attack mode please run the following command:

$ ./bin/run-integration-tests-scan.sh

Stopping dockerized environment

To stop environment including ZAP proxy, Selenium Webdriver and CMC service stack please run the following command:

$ ./bin/stop-environment.sh

License

This project is licensed under the MIT License - see the LICENSE file for details.

About

ZAP security scanning automation for Civil Money Claims application

Topics

shell docker security docker-compose owasp govuk jenkins-pipeline zap-proxy civil-money-claims

Resources

Readme

License

MIT license

Contributing

Contributing
Activity
Custom properties

Stars

0 stars

Watchers

9 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages