Using Web Application Exploits or a similar public dataset regarding the exploits on Web application vulnerabilities, build a "smart" DDS (Data Distribution Service) publish/subscribe system able to offer real-time alerts about new security issues for a specific class of software like CMS, frameworks, modules, shopping cart managers, etc. Also, study WebSub (W3C Specification). Additionally, the system will provide – via a SPARQL endpoint – various solutions (advice, technical reports, defensive programming guidelines and others) to prevent and/or eradicate such security incidents. This information will be available in multiple formats: HTML + RDFa, JSON-LD using Software Application and/or SoftwareSourceCode schema.org concepts. Bonus: including a "smart" Web proxy able to efficiently cache requested data.
WebSub
Data Ingestion
Database
DevOps
- Receving near real-time alerts regarding the exploits on Web application vulnerabilities
- Exposing a SPARQL endpoint
Install the necessary tools for the project:
- Python (required)
- Apache Jena Fuseki (required)
- Redis (required)
- Docker (required)
Clone the project
git https://github.com/andreiplugaru/WADE-ASC.gitGo to the DataIngestion directory
cd WADE-ASC\DataIngestionInstall dependencies
pip install -r requirements.txtStart the DataIngestion service
python .\WADE-ASC\DataIngestion\main.py --initGo to the WebSub directory
cd WADE-ASC\WebSubInstall dependencies
pip install -r requirements.txtStart the Redis
docker run -p 6379:6379 redis:alpineStart the Celery worker
celery -A src.publisher.publisher_hub:celery worker -l info -P soloStart the PublisherHub service
python -m src.publisher.publisher_hubStart a Subscriber service
python -m src.subscriber --port 8081To deploy this project run
docker compose up -d --build