{"id":13533642,"url":"https://github.com/DefectDojo/django-DefectDojo","last_synced_at":"2025-04-01T22:30:30.171Z","repository":{"id":27546814,"uuid":"31028375","full_name":"DefectDojo/django-DefectDojo","owner":"DefectDojo","description":" DevSecOps, ASPM, Vulnerability Management. All on one platform.","archived":false,"fork":false,"pushed_at":"2024-10-29T12:40:14.000Z","size":174418,"stargazers_count":3687,"open_issues_count":375,"forks_count":1549,"subscribers_count":208,"default_branch":"master","last_synced_at":"2024-10-29T15:26:40.021Z","etag":null,"topics":["analytics","appsec","automation","devsecops","django","hacktoberfest","kubernetes","owasp","python","security","security-automation","security-orchestration","vulnerability-correlation","vulnerability-databases","vulnerability-management"],"latest_commit_sha":null,"homepage":"https://defectdojo.com","language":"HTML","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-3-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/DefectDojo.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2015-02-19T17:53:47.000Z","updated_at":"2024-10-29T08:20:32.000Z","dependencies_parsed_at":"2024-04-15T17:31:06.788Z","dependency_job_id":"73a9550b-793a-4ff1-8942-39e495ba847c","html_url":"https://github.com/DefectDojo/django-DefectDojo","commit_stats":{"total_commits":9007,"total_committers":496,"mean_commits":"18.159274193548388","dds":0.8363495059398246,"last_synced_commit":"52e9f1664032d83e771974c1b5b417fa3a4204c5"},"previous_names":[],"tags_count":233,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DefectDojo%2Fdjango-DefectDojo","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DefectDojo%2Fdjango-DefectDojo/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DefectDojo%2Fdjango-DefectDojo/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DefectDojo%2Fdjango-DefectDojo/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/DefectDojo","download_url":"https://codeload.github.com/DefectDojo/django-DefectDojo/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246457993,"owners_count":20780679,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["analytics","appsec","automation","devsecops","django","hacktoberfest","kubernetes","owasp","python","security","security-automation","security-orchestration","vulnerability-correlation","vulnerability-databases","vulnerability-management"],"created_at":"2024-08-01T07:01:21.732Z","updated_at":"2025-04-01T22:30:30.163Z","avatar_url":"https://github.com/DefectDojo.png","language":"HTML","readme":"# DefectDojo\n\n\u003ctable\u003e\n    \u003ctr styl=\"margin: 0; position: absolute; top: 50%; -ms-transform: translateY(-50%); transform: translateY(-50%);\"\u003e\n        \u003cth\u003e\n            \u003ca href=\"https://opensourcesecurityindex.io/\" target=\"_blank\" rel=\"noopener\"\u003e\n                \u003cimg style=\"width: 282px; height: 56px\" src=\"https://opensourcesecurityindex.io/badge.svg\"\n                alt=\"Open Source Security Index - Fastest Growing Open Source Security Projects\" width=\"282\" height=\"56\" /\u003e\n            \u003c/a\u003e\n        \u003c/th\u003e\n        \u003cth\u003e\n            \u003cp\u003e\n                \u003ca href=\"https://www.owasp.org/index.php/OWASP_DefectDojo_Project\"\u003e\u003cimg src=\"https://img.shields.io/badge/owasp-flagship%20project-orange.svg\" alt=\"OWASP Flagship\"\u003e\u003c/a\u003e\n                \u003ca href=\"https://github.com/DefectDojo/django-DefectDojo/releases/latest\"\u003e\u003cimg src=\"https://img.shields.io/github/release/DefectDojo/django-DefectDojo.svg\" alt=\"GitHub release\"\u003e\u003c/a\u003e\n                \u003ca href=\"https://www.youtube.com/channel/UCWw9qzqptiIvTqSqhOFuCuQ\"\u003e\u003cimg src=\"https://img.shields.io/badge/youtube-subscribe-%23c4302b.svg\" alt=\"YouTube Subscribe\"\u003e\u003c/a\u003e\n                \u003ca href=\"https://twitter.com/defectdojo/\"\u003e\u003cimg src=\"https://img.shields.io/twitter/follow/defectdojo.svg?style=social\u0026amp;label=Follow\" alt=\"Twitter Follow\"\u003e\u003c/a\u003e\n            \u003c/p\u003e\n            \u003cp\u003e\n                \u003ca href=\"https://github.com/DefectDojo/django-DefectDojo/actions\"\u003e\u003cimg src=\"https://github.com/DefectDojo/django-DefectDojo/actions/workflows/unit-tests.yml/badge.svg?branch=master\" alt=\"Unit Tests\"\u003e\u003c/a\u003e\n                \u003ca href=\"https://github.com/DefectDojo/django-DefectDojo/actions\"\u003e\u003cimg src=\"https://github.com/DefectDojo/django-DefectDojo/actions/workflows/integration-tests.yml/badge.svg?branch=master\" alt=\"Integration Tests\"\u003e\u003c/a\u003e\n                \u003ca href=\"https://bestpractices.coreinfrastructure.org/projects/2098\"\u003e\u003cimg src=\"https://bestpractices.coreinfrastructure.org/projects/2098/badge\" alt=\"CII Best Practices\"\u003e\u003c/a\u003e\n            \u003c/p\u003e\n        \u003c/th\u003e\n    \u003c/tr\u003e\n \u003c/table\u003e\n\n![Screenshot of DefectDojo](https://raw.githubusercontent.com/DefectDojo/django-DefectDojo/dev/docs/assets/images/screenshot1.png)\n\n[DefectDojo](https://www.defectdojo.com/) is a DevSecOps, ASPM (application security posture management), and\nvulnerability management tool.  DefectDojo orchestrates end-to-end security testing, vulnerability tracking,\ndeduplication, remediation, and reporting.\n\n## Demo\n\nTry out DefectDojo on our demo server at [demo.defectdojo.org](https://demo.defectdojo.org)\n\nLog in with username `admin` and password `1Defectdojo@demo#appsec`. Please note that the demo is publicly accessible\nand regularly reset. Do not put sensitive data in the demo.\n\n## Quick Start for Compose V2\n\nFrom July 2023 Compose V1 [stopped receiving updates](https://docs.docker.com/compose/reference/).\n\nCompose V2 integrates compose functions into the Docker platform, continuing to support most of the previous\ndocker-compose features and flags. You can run Compose V2 by replacing the hyphen (-) with a space, using\n`docker compose` instead of `docker-compose`.\n\n```sh\n# Clone the project\ngit clone https://github.com/DefectDojo/django-DefectDojo\ncd django-DefectDojo\n\n# Check if your installed toolkit is compatible\n./docker/docker-compose-check.sh\n\n# Building Docker images\ndocker compose build\n\n# Run the application (for other profiles besides postgres-redis see  \n# https://github.com/DefectDojo/django-DefectDojo/blob/dev/readme-docs/DOCKER.md)\ndocker compose up -d\n\n# Obtain admin credentials. The initializer can take up to 3 minutes to run.\n# Use docker compose logs -f initializer to track its progress.\ndocker compose logs initializer | grep \"Admin password:\"\n```\n\n## For Docker Compose V1\n\nYou can run Compose V1 by calling `docker-compose` (by adding the hyphen (-) between `docker compose`). \n\nFollowing commands are using original version so you might need to adjust them:\n```sh\ndocker/docker-compose-check.sh\ndocker/entrypoint-initializer.sh\ndocker/setEnv.sh\n```\n\nNavigate to `http://localhost:8080` to see your new instance!\n\n## Documentation\n\n* [Official Docs](https://docs.defectdojo.com/)\n* [REST APIs](https://docs.defectdojo.com/en/open_source/api-v2-docs/)\n* [Client APIs and Wrappers](https://docs.defectdojo.com/en/open_source/api-v2-docs/#clients--api-wrappers)\n* Authentication options:\n    * [OAuth2/SAML2](https://docs.defectdojo.com/en/open_source/archived_docs/integrations/social-authentication/)\n    * [LDAP](https://docs.defectdojo.com/en/open_source/ldap-authentication/)\n* [Supported tools](https://docs.defectdojo.com/en/connecting_your_tools/parsers/)\n\n## Supported Installation Options\n\n* [Docker / Docker Compose](readme-docs/DOCKER.md)\n* [SaaS](https://www.defectdojo.com/) - Includes Support \u0026 Supports the Project\n\n## Community, Getting Involved, and Updates\n\n[\u003cimg src=\"https://raw.githubusercontent.com/DefectDojo/django-DefectDojo/dev/docs/assets/images/slack-logo-icon.png\" alt=\"Slack\" height=\"50\"/\u003e](https://owasp.org/slack/invite)\n[\u003cimg src=\"https://raw.githubusercontent.com/DefectDojo/django-DefectDojo/dev/docs/assets/images/Linkedin-logo-icon-png.png\" alt=\"LinkedIn\" height=\"50\"/\u003e](https://www.linkedin.com/company/defectdojo)\n[\u003cimg src=\"https://raw.githubusercontent.com/DefectDojo/django-DefectDojo/dev/docs/assets/images/Twitter_Logo.png\" alt=\"Twitter\" height=\"50\"/\u003e](https://twitter.com/defectdojo)\n[\u003cimg src=\"https://raw.githubusercontent.com/DefectDojo/django-DefectDojo/dev/docs/assets/images/YouTube-Emblem.png\" alt=\"Youtube\" height=\"50\"/\u003e](https://www.youtube.com/channel/UCWw9qzqptiIvTqSqhOFuCuQ)\n\n[Join the OWASP Slack community](https://owasp.org/slack/invite) and participate in the discussion! You can find us in\nour channel there, [#defectdojo](https://owasp.slack.com/channels/defectdojo). Follow DefectDojo on\n[Twitter](https://twitter.com/defectdojo), [LinkedIn](https://www.linkedin.com/company/defectdojo), and\n[YouTube](https://www.youtube.com/channel/UCWw9qzqptiIvTqSqhOFuCuQ) for project updates!\n\n## Contributing\n\nPlease see our [contributing guidelines](readme-docs/CONTRIBUTING.md) for more\ninformation.\n\n## Pro Edition\n[Upgrade to DefectDojo Pro](https://www.defectdojo.com/) today to take your DevSecOps to 11. DefectDojo Pro is\ndesigned to meet you wherever you are on your security journey and help you scale, with enhanced dashboards, additional\nsmart features, tunable deduplication, and support from DevSecOps experts.\n\nAlternatively, for information please email info@defectdojo.com\n\n## About Us\n\nDefectDojo is maintained by:\n* Greg Anderson ([@devGregA](https://github.com/devgrega) | [LinkedIn](https://www.linkedin.com/in/g-anderson/))\n* Matt Tesauro ([@mtesauro](https://github.com/mtesauro) | [LinkedIn](https://www.linkedin.com/in/matttesauro/) |\n  [@matt_tesauro](https://twitter.com/matt_tesauro))\n\nCore Moderators can help you with pull requests or feedback on dev ideas:\n* Cody Maffucci ([@Maffooch](https://github.com/maffooch) | [LinkedIn](https://www.linkedin.com/in/cody-maffucci))\n\nModerators can help you with pull requests or feedback on dev ideas:\n* Charles Neill ([@cneill](https://github.com/cneill) | [@ccneill](https://twitter.com/ccneill))\n* Jay Paz ([@jjpaz](https://twitter.com/jjpaz))\n* Blake Owens ([@blakeaowens](https://github.com/blakeaowens))\n\n## Hall of Fame\n* Jannik Jürgens ([@alles-klar](https://github.com/alles-klar)) - Jannik was a long time contributor and moderator for \n  DefectDojo and made significant contributions to many areas of the platform. Jannik was instrumental in pioneering \n  and optimizing deployment methods.\n* Valentijn Scholten ([@valentijnscholten](https://github.com/valentijnscholten) |\n  [Sponsor](https://github.com/sponsors/valentijnscholten) |\n  [LinkedIn](https://www.linkedin.com/in/valentijn-scholten/)) - Valentijn served as a core moderator for 3 years.\n  Valentijn's contributions were numerous and extensive. He overhauled, improved, and optimized many parts of the\n  codebase. He consistently fielded questions, provided feedback on pull requests, and provided a helping hand wherever\n  it was needed.\n* Fred Blaise ([@madchap](https://github.com/madchap) | [LinkedIn](https://www.linkedin.com/in/fredblaise/)) - Fred\n  served as a core moderator during a critical time for DefectDojo. He contributed code, helped the team stay organized,\n  and architected important policies and procedures.\n* Aaron Weaver ([@aaronweaver](https://github.com/aaronweaver) | [LinkedIn](https://www.linkedin.com/in/aweaver/)) -\n  Aaron has been a long time contributor and user of DefectDojo. He did the second major UI overhaul and his\n  contributions include automation enhancements, CI/CD engagements, increased metadata at the product level, and many\n  more.\n\n## Security\n\nPlease report Security issues via our [disclosure policy](readme-docs/SECURITY.md).\n\n## License\n\nDefectDojo is licensed under the [BSD 3-Clause License](LICENSE.md)\n","funding_links":["https://github.com/sponsors/valentijnscholten"],"categories":["Development","HTML","Orchestration","Dependency intelligence","Security Automation","Python","HTML (177)","Cloud Security Posture Management","Инструменты","Application Recommendation","漏洞库_漏洞靶场","LLM分析过程","Tools"],"sub_categories":["VoIP","SCA and SBOM","Network Security","Vulnerability Management","🔒 Cybersecurity","资源传输下载"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FDefectDojo%2Fdjango-DefectDojo","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FDefectDojo%2Fdjango-DefectDojo","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FDefectDojo%2Fdjango-DefectDojo/lists"}