Acunetix allows seamless integration with GitHub. This provides Acunetix administrators with the ability to send vulnerabilities directly to their development teams.
Creating a Repository on GitHub
In order to get started with the integration, you first need to create a GitHub repository. If you want to integrate with an existing repository, you can follow configuration instructions in the next step.
Log in to your GitHub account and click on the Your repositories option in the drop-down menu. You can access it using the profile icon as shown below.
Click on the New button to create a repository. This will take you to the repository configuration page.
You can configure the name, description, and public visibility for the repository that you are creating. You can also initialize a README file with further documentation. Finally, click on Create repository to save the configuration and generate the repository.
The GitHub repository has now been created and will be listed in the repository list in your account.
Integrating with Acunetix
To connect a GitHub repository with Acunetix, you need to navigate to the Settings page. Configuration options are available on the Issue Trackers tab. Click on the Add Issue Tracker button. Select GitHub from the drop-down list.
The URL value is predefined for GitHub Online. Enter the username and password and use the Test Connection button to confirm the credentials. Once the credentials are verified, the Project and Issue Type fields will be populated with the data from your GitHub account. Choose the correct Project and confirm the Issue Type, then click on the OK button to confirm the settings.
Note: A GitHub issue tracker instance needs to be created for each GitHub repository for vulnerability delegation.
It is also possible to confirm that the issue tracker is successfully configured at any time by clicking on the Test Connection button in the settings of the issue tracker.
Pushing Vulnerabilities to GitHub
After successfully configuring the GitHub issue tracker in Acunetix, you can start sending vulnerabilities to GitHub in order for developers to get more information on the security issue.
This can be achieved by adding the newly configured issue tracker to your target. In the target configuration page, the issue tracker can be selected on the Advanced tab.
The next step would be to send the target vulnerabilities to GitHub. Navigate to the Vulnerabilities page and apply filters for your specific target. As an example, we will use http://testphp.vulnweb.com.
Once the vulnerabilities are selected, click on the Send To Issue Tracker button. The vulnerabilities have now been pushed to the configured repository and are available in the Issues view on GitHub.
Vulnerability details contain detailed information, which will assist developers that are working on the project in their remediation efforts.
For more information on setting up GitHub with Acunetix, contact our support team: firstname.lastname@example.org.