edit README and add SonarQube CI/CD

.github/workflows/sonarqube.yml

@@ -0,0 +1,40 @@
+name: SonarQube Analysis
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  sonarqube:
+    name: SonarQube Scan
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v4
+
+      - name: Set up JDK 11 (Required for SonarQube)
+        uses: actions/setup-java@v4
+        with:
+          java-version: '11'
+
+      - name: Install SonarQube Scanner
+        run: |
+          wget https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-6.2.0.4578-linux.zip
+          unzip sonar-scanner-cli-6.2.0.4578-linux.zip -d $HOME
+          export PATH="$HOME/sonar-scanner-6.2.0.4578-linux/bin:$PATH"
+
+      - name: Run SonarQube Scanner
+        env:
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+          SONAR_HOST_URL: ${{ vars.SONAR_HOST_URL }}
+        run: |
+          sonar-scanner \
+          -Dsonar.projectKey=mutillidae \
+          -Dsonar.sources=. \
+          -Dsonar.host.url=$SONAR_HOST_URL \
+          -Dsonar.login=$SONAR_TOKEN

README.md

@@ -1,4 +1,4 @@
-# OWASP Mutillidae II
+# OWASP Mutillidae II - Forked to showcase DevSecOps pipelines
 
 OWASP Mutillidae II is a free, open-source, deliberately vulnerable web application designed for web-security enthusiasts. It serves as a target for learning and practicing web security skills. Mutillidae can be easily installed on Linux and Windows systems using LAMP, WAMP, and XAMMP stacks. Additionally, it comes pre-installed on SamuraiWTF and OWASP BWA, and the existing version can be updated on these platforms. With dozens of vulnerabilities and hints to guide the user, Mutillidae provides an accessible web hacking environment suitable for labs, security enthusiasts, classrooms, CTFs, and vulnerability assessment tool targets. It has been widely used in graduate security courses, corporate web security training, and as an assessment target for vulnerability assessment software. OWASP Mutillidae II provides a comprehensive platform for learning and practicing web security techniques in a controlled environment.
 
@@ -14,11 +14,14 @@ Explore our tutorials on YouTube: [webpwnized YouTube channel](https://www.youtu
 
 ### Location of source code
 
-Note carefully that the source code ishas moved to the ***src*** project directory. **Be careful to adjust accordingly.**
+$$
+Note
+$$ carefully that the source code ishas moved to the ***src*** project directory. **Be careful to adjust accordingly.**
 
 ### LAMP Stack
 
-Note carefully that the source code ishas moved to the ***src*** project directory. **Be careful to adjust accordingly.** If you have a LAMP stack set up already, you can skip directly to installing Mutillidae. Check out our [comprehensive installation guide](README-INSTALLATION.md) for detailed instructions. Watch the video tutorial: [How to Install Mutillidae on LAMP Stack](https://www.youtube.com/watch?v=TcgeRab7ayM)
+> [!IMPORTANT]
+> Note carefully that the source code ishas moved to the ***src*** project directory. **Be careful to adjust accordingly.** If you have a LAMP stack set up already, you can skip directly to installing Mutillidae. Check out our [comprehensive installation guide](README-INSTALLATION.md) for detailed instructions. Watch the video tutorial: [How to Install Mutillidae on LAMP Stack](https://www.youtube.com/watch?v=TcgeRab7ayM)
 
 ### Docker