OWASP/owasp-mastg

Add cross-referencing for weaknesses, tests and demos

cpholguera opened this issue 4 months ago · 0 comments

cpholguera commented 4 months ago

Now that we have all these items with their yaml frontmatter including this metadata:

weaknesses/
- with their own id like MASWE-xxxx
tests-beta/
- with their own id like MASTG-TEST-xxxx
- with a field weakness including one MASWE-xxxx ID
demos/
- with their own id like MASTG-DEMO-xxxx
- with a field test including one MASTG-TEST-xxxx ID

Everything is linked. We need a new hook in docs/hooks that will do this cross referencing and automatically add to their metadata (page.meta):

for a weakness: a list with all tests covering it
for a test: a list with all demos covering it

If those lists have values it will add a markdown section at the bottom of the markdown file:

for a weakness: ## Tests
for a test: ## Demos

For example, for MASWE-0108:

## Tests

- [MASTG-TEST-0206: Sensitive Data in Network Traffic Capture](/MASTG/tests-beta/android/MASVS-PRIVACY/MASTG-TEST-0206)

For MASTG-TEST-0206:

## Demos

- [MASTG-DEMO-0009: Detecting Sensitive Data in Network Traffic](MASTG/demos/android/MASVS-PRIVACY/MASTG-DEMO-0009/MASTG-DEMO-0009)