An application to assist in the organization and prioritization of software security activities.

aparsons Last update: Dec 18, 2023

Bag of Holding

The Bag of Holding is an application to assist in the organization and prioritization of software security activities.

Check out these talks which cover building your own AppSec pipeline:

Matt Tesauro - Taking AppSec to 11: Pipelines, DevOps and making things better
Aaron Weaver - Building An AppSec Pipeline: Keeping Your Program, And Your Life, Sane
Matt Tesauro - Lessons From DevOps: Taking DevOps Practices Into Your AppSec Life

Releases

For information about what's new as well as known issues, see RELEASES.md

Development Setup

For information on setting up a development environment, see INSTALL.md.

Docker Startup

Build and start the container

docker build -t bag-of-holding .
docker run -d -p 8000:8000 --name boh-server bag-of-holding:latest

Create super-user

docker exec -it boh-server sh
python3 /bag-of-holding/project/manage.py createsuperuser

Commands

ThreadFix

The following command will retrieve the latest metrics from ThreadFix for connected applications. We recommend this be run daily as a Cron job.

python manage.py cron --threadfix

License

Licensed under the Apache License, Version 2.0.

Tags:

django-rest-framework

Owner

aparsons

GitHub Repository https://github.com/aparsons

Let AngularJS play well with Django

Let Django play well with AngularJS Add AngularJS directives to Django Forms. This allows to handle client side form validation using the constraints provided by the server side Form declaration. A p…

A drop-in replacement for Django's runserver.

A drop in replacement for Django's built-in runserver command. Features include: Note django-devserver works on Django 1.3 and newer To install the latest stable version: django-devserver has some op…

Django + Tailwind CSS = 💚

Python 3.10 or newer with Django >= 3.2 or newer. Via PIP:

"Magic Links" - URLs with authentication tokens for one-click login

django-sesame provides frictionless authentication with "Magic Links" for your Django project. Then it authenticates users based on tokens found in URLs. django-sesame is tested with: Install django-…

Plug and play continuous integration with django and jenkins

Plug and play continuous integration with Django and Jenkins From PyPI: Or by downloading the source and running: Latest git version: Installation for Python 3: This will create reports/ directory wi…

Dynamic and static host resolving for Django. Maps hostnames to URLconfs.

This Django app routes requests for specific hosts to different URL schemes defined in modules called "hostconfs". First, install the app with your favorite package manager, e.g.: Then configure your…

Media-Management with Grappelli

FileBrowser 4.0.3 requires Current development branches: Older versions are available at GitHub, but are not supported anymore.

A fast, Django inspired template system in Clojure.

Selmer templates consist of plain text that contains embedded expression and filter tags. While Selmer is primarily meant for HTML generation, it can be used for templating any text. Selmer compiles …

A Django app that allows you to send email asynchronously in Django. Supports HTML email, database backed templates and logging.

Django Post Office is a simple app to send and manage your emails in Django. Some awesome features are: With this optional dependency, HTML emails are nicely rendered inside the Django admin backend.…

A Django email backend for Amazon's Simple Email Service

A Django email backend for Amazon's Simple Email Service Amazon SES allows you to also setup usernames and passwords. If you do configure things that way, you do not need this package. The Django def…