
# SonarQube StackHawk DAST Demo Repo

This application is an intentionally vulnerable Java Spring Boot application with Thymeleaf. It is used for training purposes only!

## Run the application

Go to the root folder of the application and run it using Maven:

```
mvn spring-boot:run
```

The application fills itself with data at startup; wait until you see `READY` in the console. You can access the application on http://localhost:8081

By default there are two users configured that you can use:

| Username | Password | User type |
|----------|----------|-----------|
| Admin    | admin    | ADMIN     |
| User     | user     | CUSTOMER  |

## DAST Scan with StackHawk

Run a DAST scan with StackHawk, producing a `stackhawk.sarif` file as output. This can later be ingested into SonarQube.

```
export SARIF_ARTIFACT=true
hawk scan
```

Add the `stackhawk.sarif` file to the Sonar scan via the `-Dsonar.sarifReportPaths=stackhawk.sarif` parameter:

```
# Get the current branch name directly using command substitution
CURRENT_BRANCH=$(git branch --show-current)

# Check if the command was successful and a branch name was found
if [ -z "$CURRENT_BRANCH" ]; then
  echo "Er
```
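The SARIF hand-off above, written out as an added example (not the demo repo's own script): it validates the StackHawk SARIF file before passing it to `-Dsonar.sarifReportPaths`, and refuses to run when the branch name cannot be determined. The project key is a placeholder, `sonar.branch.name` is assumed to be accepted by the target SonarQube edition, and `sonar-scanner` is assumed to be on `PATH` when the scan is actually run.

```shell
#!/bin/sh
# Added example: validate the StackHawk SARIF output and assemble the
# sonar-scanner properties that ingest it into SonarQube.

# Check that the SARIF file exists, is non-empty and looks like a SARIF log
# (contains a top-level "runs" key). Returns 0 on success, 1 otherwise.
check_sarif() {
    sarif="$1"
    [ -s "$sarif" ] || { echo "SARIF file '$sarif' missing or empty" >&2; return 1; }
    grep -q '"runs"' "$sarif" || { echo "'$sarif' has no \"runs\" key" >&2; return 1; }
    return 0
}

# Print the sonar-scanner properties, one per line, for a branch and SARIF path.
# Fails when the branch is empty (e.g. detached HEAD in CI) or the SARIF is invalid,
# so a broken scan never silently produces a SonarQube analysis without DAST findings.
sonar_args() {
    branch="$1"
    sarif="$2"
    [ -n "$branch" ] || { echo "could not determine current branch" >&2; return 1; }
    check_sarif "$sarif" || return 1
    printf '%s\n' \
        "-Dsonar.projectKey=PLACEHOLDER_PROJECT_KEY" \
        "-Dsonar.branch.name=$branch" \
        "-Dsonar.sarifReportPaths=$sarif"
}

# Entry point for real use: derive the branch with git, then run the scanner.
run_scan() {
    branch=$(git branch --show-current 2>/dev/null)
    args=$(sonar_args "$branch" "stackhawk.sarif") || return 1
    # shellcheck disable=SC2086  # intentional word splitting, one property per line
    sonar-scanner $args
}
```

Call `run_scan` from the CI step that follows `hawk scan`; the validation runs before any scanner invocation.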