Merge pull request Hacker0x01#86 from Hacker0x01/glossary

stacyspiva · web-flow · commit 49b99638675b · 2019-01-29T10:33:57.000-08:00
Add Glossary
diff --git a/docs/glossary/asset.md b/docs/glossary/asset.md
@@ -0,0 +1,8 @@
+---
+title: "Asset"
+path: "/glossary/asset"
+---
+
+Attack surfaces that hackers can hack on. There are different types such as: CIDR, Domain, Source code, Executable, Hardware/loT, iOS: .ipa.
+
+A collection of assets creates a scope.
diff --git a/docs/glossary/bounty-table.md b/docs/glossary/bounty-table.md
@@ -0,0 +1,6 @@
+---
+title: "Bounty Table"
+path: "/glossary/bounty-table"
+---
+
+A Bounty Table illustrates how much an organization is willing to pay for various bugs, helps set expectations for hackers, and gives the bug bounty team a guideline to ensure fair and consistent reward amounts.
diff --git a/docs/glossary/bounty.md b/docs/glossary/bounty.md
@@ -0,0 +1,6 @@
+---
+title: "Bounty"
+path: "/glossary/bounty"
+---
+
+A financial reward offered in exchange for a valid vulnerability report.
diff --git a/docs/glossary/bug-bounty-program.md b/docs/glossary/bug-bounty-program.md
@@ -0,0 +1,6 @@
+---
+title: "Bug Bounty Program"
+path: "/glossary/bug-bounty-program"
+---
+
+A bug bounty offers monetary incentives for vulnerabilities and invites submissions from hackers.
diff --git a/docs/glossary/common-response.md b/docs/glossary/common-response.md
@@ -0,0 +1,6 @@
+---
+title: "Common Response"
+path: "/glossary/common-response"
+---
+
+A saved response or template that can be applied repeatedly to reports. 
diff --git a/docs/glossary/cvss.md b/docs/glossary/cvss.md
@@ -0,0 +1,6 @@
+---
+title: "CVSS"
+path: "/glossary/cvss"
+---
+
+Common Vulnerability Scoring System (CVSS) is the framework HackerOne utilizes to assign a severity rating to a vulnerability.
diff --git a/docs/glossary/cwe.md b/docs/glossary/cwe.md
@@ -0,0 +1,6 @@
+---
+title: "CWE"
+path: "/glossary/cwe"
+---
+
+Common Weakness Enumeration (CWE) is the framework HackerOne utilizes to assign a weakness to a vulnerability.
diff --git a/docs/glossary/directory.md b/docs/glossary/directory.md
@@ -0,0 +1,6 @@
+---
+title: "Directory"
+path: "/glossary/directory"
+---
+
+The HackerOne directory is a community-curated resource for contacting an organization regarding a security vulnerability.
diff --git a/docs/glossary/hacker.md b/docs/glossary/hacker.md
@@ -0,0 +1,6 @@
+---
+title: "Hacker"
+path: "/glossary/hacker"
+---
+
+Someone who’s able to find vulnerabilities in information-related systems.
diff --git a/docs/glossary/hacktivity.md b/docs/glossary/hacktivity.md
@@ -0,0 +1,6 @@
+---
+title: "Hacktivity"
+path: "/glossary/hacktivity"
+---
+
+Hacktivity is the public community feed that showcases hacker activity on HackerOne.  
diff --git a/docs/glossary/impact.md b/docs/glossary/impact.md
@@ -0,0 +1,6 @@
+---
+title: "Impact"
+path: "/glossary/impact"
+---
+
+Average reputation gained per bounty.
diff --git a/docs/glossary/integration.md b/docs/glossary/integration.md
@@ -0,0 +1,6 @@
+---
+title: "Integration"
+path: "/glossary/integration"
+---
+
+External applications being connected and functioning in HackerOne.
diff --git a/docs/glossary/iso-29147.md b/docs/glossary/iso-29147.md
@@ -0,0 +1,6 @@
+---
+title: "ISO 29147"
+path: "/glossary/iso-29147"
+---
+
+An international standard describing vulnerability coordination.
diff --git a/docs/glossary/iso-30111.md b/docs/glossary/iso-30111.md
@@ -0,0 +1,6 @@
+---
+title: "ISO 30111"
+path: "/glossary/iso-30111"
+---
+
+An international standard describing vulnerability handling processes.
diff --git a/docs/glossary/report.md b/docs/glossary/report.md
@@ -0,0 +1,6 @@
+---
+title: "Report"
+path: "/glossary/report"
+---
+
+A submission from a hacker that describes a potential security vulnerability.
diff --git a/docs/glossary/reputation.md b/docs/glossary/reputation.md
@@ -0,0 +1,6 @@
+---
+title: "Reputation"
+path: "/glossary/reputation"
+---
+
+Reputation measures how likely a hacker’s finding is to be immediately relevant and actionable. 
diff --git a/docs/glossary/scope.md b/docs/glossary/scope.md
@@ -0,0 +1,6 @@
+---
+title: "Scope"
+path: "/glossary/scope"
+---
+
+A collection of assets that hackers are to hack on. It’s the structured data that represents the attack surface that’s included or explicitly excluded in an organization’s vulnerability disclosure or bug bounty program. 
diff --git a/docs/glossary/signal.md b/docs/glossary/signal.md
@@ -0,0 +1,6 @@
+---
+title: "Signal"
+path: "/glossary/signal"
+---
+
+Average reputation gained per report.
diff --git a/docs/glossary/vulnerability-disclosure.md b/docs/glossary/vulnerability-disclosure.md
@@ -0,0 +1,8 @@
+---
+title: "Vulnerability Disclosure"
+path: "/glossary/vulnerability-disclosure"
+---
+
+The process by which an organization receives and disseminates information about vulnerabilities in their products or online services. 
+
+ISO 29147 definition: Process through which vendors and vulnerability finders may work cooperatively in finding solutions that reduce the risks associated with a vulnerability. It encompasses actions such as reporting, coordinating, and publishing information about a vulnerability and its resolution. 
diff --git a/docs/glossary/vulnerability.md b/docs/glossary/vulnerability.md
@@ -0,0 +1,6 @@
+---
+title: "Vulnerability"
+path: "/glossary/vulnerability"
+---
+
+Weakness of software, hardware, or online service that can be exploited.
diff --git a/gatsby-node.js b/gatsby-node.js
@@ -6,6 +6,7 @@ exports.createPages = ({ boundActionCreators, graphql }) => {
   const programsTemplate = path.resolve('./src/templates/programs.js');
   const hackersTemplate = path.resolve('./src/templates/hackers.js');
   const changelogTemplate = path.resolve('./src/templates/changelog.js');
+  const glossaryTemplate = path.resolve('./src/templates/glossary.js');
 
   return graphql(`
     {
@@ -37,6 +38,8 @@ exports.createPages = ({ boundActionCreators, graphql }) => {
         template = hackersTemplate;
       } else if (node.frontmatter.path.includes("/changelog")) {
         template = changelogTemplate;
+      } else if (node.frontmatter.path.includes("/glossary")) {
+        template = glossaryTemplate;
       }
 
       createPage({
diff --git a/src/components/navigation/navigation.js b/src/components/navigation/navigation.js
@@ -33,6 +33,7 @@ export default ({ pathname }) => {
       <ul className="navigation__list">
         <NavItem linkTo="/hackers.html" title="Hackers" />
         <NavItem linkTo="/programs.html" title="Programs" />
+        <NavItem linkTo="/glossary" title="Glossary" />
         <li className="navigation__item">
           <a
             className="navigation__link"
diff --git a/src/pages/glossary/glossary.scss b/src/pages/glossary/glossary.scss
@@ -0,0 +1,21 @@
+@import '../../css/variables';
+
+.glossary {
+  h4 {
+    margin-bottom: 0;
+  }
+}
+
+.glossary__wrapper {
+  border-top: 1px solid $daisy-whisper;
+  padding-top: 24px;
+  position: relative;
+}
+
+.glossary__anchor {
+  position: absolute;
+  top: -60px;
+  left: 0;
+  height: 1px;
+  width: 1px;
+}
diff --git a/src/pages/glossary/index.js b/src/pages/glossary/index.js
@@ -0,0 +1,96 @@
+import React from 'react'
+import Helmet from 'react-helmet'
+import Link from 'gatsby-link'
+import slugify from 'slugify'
+import GatsbyConfig from '../../../gatsby-config'
+
+import './glossary.scss'
+
+class IndexRoute extends React.Component {
+  render() {
+    const { edges } = this.props.data.allMarkdownRemark
+
+    const groupedByAlphabet = {};
+
+    edges.map((item, index) => {
+      const firstLetter = item.node.frontmatter.title.charAt(0);
+
+      if (groupedByAlphabet[firstLetter] == undefined) {
+        groupedByAlphabet[firstLetter] = [];
+      }
+
+      groupedByAlphabet[firstLetter].push(item);
+    });
+
+    const allLetters = Object.keys(groupedByAlphabet);
+
+    return (
+      <div className="glossary article">
+        <Helmet title={`Glossary | ${GatsbyConfig.siteMetadata.title}`} />
+        <div className="sidebar">
+          <div className="sidebar__wrapper">
+            <div className="sidebar__body">
+            {allLetters.map((letter, index) => {
+              return (
+                <div className="sidebar__section" key={index}>
+                  <h3 className="sidebar__title sidebar__title--active">
+                    {letter}
+                  </h3>
+                  <ul className="sidebar__items sidebar__items--active">
+                    {groupedByAlphabet[letter].map((item, index) => {
+                      return (
+                        <li className="sidebar__item" key={index}>
+                          <a href={`#${slugify(item.node.frontmatter.path)}`}>
+                            {item.node.frontmatter.title}
+                          </a>
+                        </li>
+                      )
+                    })}
+                  </ul>
+                </div>
+              )})}
+            </div>
+          </div>
+        </div>
+
+        <div className="article__inner">
+          <h1>Glossary</h1>
+          {edges.map((item, index) => {
+            return (
+              <div className="glossary__wrapper">
+                <div
+                  className="glossary__anchor"
+                  id={slugify(item.node.frontmatter.path)}
+                />
+                <h2>{item.node.frontmatter.title}</h2>
+                <div dangerouslySetInnerHTML={{ __html: item.node.html }} />
+              </div>
+            )
+          })}
+        </div>
+      </div>
+    )
+  }
+}
+
+export default IndexRoute
+
+export const pageQuery = graphql`
+  query glossaryIndexQuery {
+    allMarkdownRemark(
+      filter: { frontmatter: { path: { regex: "/glossary/" } } }
+      sort: { order: ASC, fields: [frontmatter___title] }
+      limit: 1000
+    ) {
+      edges {
+        node {
+          html
+          frontmatter {
+            path
+            title
+          }
+        }
+      }
+    }
+  }
+`
diff --git a/src/templates/glossary.js b/src/templates/glossary.js
@@ -0,0 +1,29 @@
+import React from 'react'
+import Helmet from 'react-helmet'
+import Link from 'gatsby-link'
+import GatsbyConfig from '../../gatsby-config'
+
+export default function Template({ data }) {
+  const { markdownRemark } = data
+  return (
+    <div className="article">
+      <Helmet title={`${markdownRemark.frontmatter.title} | ${GatsbyConfig.siteMetadata.title}`} />
+      <div>
+        <h1>{markdownRemark.frontmatter.title}</h1>
+        <div dangerouslySetInnerHTML={{ __html: markdownRemark.html }} />
+      </div>
+    </div>
+  )
+}
+
+export const pageQuery = graphql`
+  query GlossaryByPath($path: String!) {
+    markdownRemark(frontmatter: { path: { eq: $path } }) {
+      html
+      frontmatter {
+        path
+        title
+      }
+    }
+  }
+`
