DevSecOps: Vulnerability Tests

I’m going to take you on an exciting journey of how I built a complete DevSecOps pipeline for a deliberately vulnerable banking application.

Services: Security and Automation

Tools: SonarQube, Snyk, GitHub, Trivy, Checkov, OWASP ZAP, AWS

Value: Security and reliability

Timeline: 1 week


Here’s what I've built:


  • A CI/CD pipeline with security superpowers

  • Static Application Security Testing (SAST) with SonarQube

  • Software Composition Analysis (SCA) with Snyk

  • Container scanning with Trivy

  • Infrastructure as Code scanning with Checkov

  • Dynamic Application Security Testing (DAST) with OWASP ZAP

  • Automatic deployment to AWS EC2

  • An HTML report showing all our security findings

  • Running the deployed application from the EC2 terminal


Reach out anytime

Let’s Stay Connected

Got questions or want to collaborate? Feel free to reach out—I'm open to new projects or just a casual chat!
