Jackhammer:
A security vulnerability assessment / management tool to handle all security scanning related tasks.
What is Jackhammer?
Jackhammer is a collaboration tool built to bridge the gap between the security team and the dev and QA teams, and to act as a facilitator for TPMs to understand and track the quality of the code going into production. It can do static code analysis and dynamic analysis, with built-in vulnerability management capability. It finds security vulnerabilities in the target applications and helps security teams manage the chaos in this new age of continuous integration and continuous/multiple deployments.
Key Features:
- Provides a unified interface to collaborate on findings
- Scanning (code) can be done for all code management repositories
- Scheduling of scans based on intervals: daily, weekly, monthly
- Advanced false positive filtering
- Publish vulnerabilities to bug tracking systems
- Keep a tab on statistics and vulnerability trends in your applications
- Integrates with the majority of open source and commercial scanning tools
- Users and Roles management giving greater control
- Configurable severity levels on list of findings across the applications
- Built-in vulnerability status progression
- Easy to use filters to review targeted sets from tons of vulnerabilities
- Asynchronous scanning (via Sidekiq) that scales
- Seamless Vulnerability Management
- Track statistics and graph security trends in your applications
- Easily integrates with a variety of open source, commercial and custom scanning tools.
Video demonstration for adding a new tool
Example: Nikto integration file
Demo Environment Link:
Default credentials:
Username: admin@admin.com
Password: admin@admin.com
Download Link:
https://github.com/olacabs/jackhammer
User / Admin Guide:
https://jch.olacabs.com/userguide/