diff --git a/.github/workflows/sonarqube.yml b/.github/workflows/sonarqube.yml new file mode 100644 index 00000000..5e0a3e4e --- /dev/null +++ b/.github/workflows/sonarqube.yml @@ -0,0 +1,43 @@ +on: + # Trigger analysis when pushing to your main branches, and when creating a pull request. + push: + branches: + - main + - master + - development + - 'releases/**' + pull_request: + types: [opened, synchronize, reopened] + +name: Mutillidae II SonarQube Workflow + +jobs: + sonarqube: + runs-on: ubuntu-latest + + steps: + - name: Checkout Code + uses: actions/checkout@v4 + with: + # Disabling shallow clones is recommended for improving the relevancy of reporting + fetch-depth: 0 + + - name: Set up JDK 11 (Required for SonarQube) + uses: actions/setup-java@v4 + with: + java-version: '11' + distribution: 'temurin' + java-package: 'jdk' + + - name: SonarQube Scan + uses: sonarsource/sonarqube-scan-action@v2.3.0 # Latest version of SonarQube scan action + env: + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} # SonarQube authentication token + SONAR_HOST_URL: ${{ vars.SONAR_HOST_URL }} # SonarQube URL + + - name: Report Quality Gate Status + if: always() # Ensure the status is reported even if the scan fails + uses: sonarsource/sonarqube-quality-gate-action@master + env: + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + SONAR_HOST_URL: ${{ vars.SONAR_HOST_URL }} diff --git a/README.md b/README.md index f86fb454..b71a3c33 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,5 @@ -# OWASP Mutillidae II + +# $\color{LimeGreen}{OWASP\ Mutillidae\ II\ -\ Forked\ to\ showcase\ DevSecOps\ pipelines\}$ OWASP Mutillidae II is a free, open-source, deliberately vulnerable web application designed for web-security enthusiasts. It serves as a target for learning and practicing web security skills. Mutillidae can be easily installed on Linux and Windows systems using LAMP, WAMP, and XAMMP stacks. Additionally, it comes pre-installed on SamuraiWTF and OWASP BWA, and the existing version can be updated on these platforms. With dozens of vulnerabilities and hints to guide the user, Mutillidae provides an accessible web hacking environment suitable for labs, security enthusiasts, classrooms, CTFs, and vulnerability assessment tool targets. It has been widely used in graduate security courses, corporate web security training, and as an assessment target for vulnerability assessment software. OWASP Mutillidae II provides a comprehensive platform for learning and practicing web security techniques in a controlled environment. @@ -14,15 +15,18 @@ Explore our tutorials on YouTube: [webpwnized YouTube channel](https://www.youtu ### Location of source code -Note carefully that the source code ishas moved to the ***src*** project directory. **Be careful to adjust accordingly.** +> [!IMPORTANT] +> Note carefully that the source code ishas moved to the ***src*** project directory. **Be careful to adjust accordingly.** ### LAMP Stack -Note carefully that the source code ishas moved to the ***src*** project directory. **Be careful to adjust accordingly.** If you have a LAMP stack set up already, you can skip directly to installing Mutillidae. Check out our [comprehensive installation guide](README-INSTALLATION.md) for detailed instructions. Watch the video tutorial: [How to Install Mutillidae on LAMP Stack](https://www.youtube.com/watch?v=TcgeRab7ayM) +> [!IMPORTANT] +> Note carefully that the source code ishas moved to the ***src*** project directory. **Be careful to adjust accordingly.** If you have a LAMP stack set up already, you can skip directly to installing Mutillidae. Check out our [comprehensive installation guide](README-INSTALLATION.md) for detailed instructions. Watch the video tutorial: [How to Install Mutillidae on LAMP Stack](https://www.youtube.com/watch?v=TcgeRab7ayM) ### Docker -Note carefully that the source code ishas moved to the ***src*** project directory. **Be careful to adjust accordingly.** +> [!NOTE] +> Note carefully that the source code ishas moved to the ***src*** project directory. **Be careful to adjust accordingly.** Learn how to set up Mutillidae using Docker with our video tutorials: @@ -33,7 +37,8 @@ Learn how to set up Mutillidae using Docker with our video tutorials: ## Usage -Explore a large number of video tutorials available on the [webpwnized YouTube channel](https://www.youtube.com/playlist?list=PLZOToVAK85MrsyNmNp0yyUTBXqKRTh623) for guidance on using Mutillidae. +> [!TIP] +> Explore a large number of video tutorials available on the [webpwnized YouTube channel](https://www.youtube.com/playlist?list=PLZOToVAK85MrsyNmNp0yyUTBXqKRTh623) for guidance on using Mutillidae. ## Key Features @@ -61,4 +66,6 @@ configurations. - `passwords`: Password-related files. - `styles`: CSS stylesheets. - `webservices`: Web services files, including REST and SOAP services. - - `soap/lib`: Library files for SOAP services. \ No newline at end of file + - `soap/lib`: Library files for SOAP services. + +[:arrow_up:](#top) \ No newline at end of file