  1. Apache Fineract
  2. FINERACT-969

Run OWASP zaproxy.org against Fineract (e.g. fineract.dev)

Details

    • Improvement
    • Status: Open
    • Major
    • Resolution: Unresolved
    • None
    • None
    • Security
    • None

    Description

      giorgio in FINERACT-853 suggested to run https://www.zaproxy.org against Fineract.

      That sounds like a Great Idea - and may yield some interesting results and holes worth plugging.

      If this is easier to do against a public server instead of locally, then I hereby offer https://www.fineract.dev for this purpose. As its FAQ says, quote: "Try to crash our demo - and if you manage, then work with us in the open source project to make the Fineract code more scaleable and reliable!"

      Attachments

        1. fineract-url-clicked.txt
          10 kB
          Joseph Makara
        2. fineract-api-SQLi-scan.html
          296 kB
          Joseph Makara
        3. wuifineract.html
          854 kB
          Giorgio Zoppi
        4. wuifineract2.html
          648 kB
          Giorgio Zoppi

            People

              josemakara Joseph Makara
              vorburger Michael Vorburger
              Votes: 0
              Watchers: 3
