As of December 31st, 2023 ThreadFix 2.X has reached End of Life and is no longer supported. For any further information please contact the Success and Implementation team.

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 14 Next »

This section is a simple demo that walks through the basic ThreadFix setup and functionality after having set up ThreadFix per our Installation and Upgrade Guide and starting Tomcat.

Accessing the Login Page

After launching Tomcat for the first time after ThreadFix deployment, ThreadFix will connect to your database server and populate the schema. This can take several minutes; you can monitor the progress via the <threadfix_deploy>/logs/threadfix.log file...look for a "Finished updating Enterprise Tags" entry to signal that the deployment is complete. Try accessing the login page to verify.

Example deployment URL...

If you deployed the ThreadFix artifact in the <catalina_home>/webapps/threadfix directory, your ThreadFix URL, by default, would be your Tomcat URL plus "/threadfix" at the end. For instance, If you connect to Tomcat at http://my.tomcat.server:8080, your ThreadFix URL would be http://my.tomcat.server:8080/threadfix.

If the login prompt does not render correctly in Internet Explorer, ensure that Compatibility View is disabled. E.g., you may need to disable the "Display intranet sites in Compatibility View" setting.

Logging In


You can log in with the following default credentials:

  • Username: user
  • Password: password

After logging in for the first time, you should either change the default user's username and password or create a new local admin user and delete the default. For more info, refer to the User Administration section.


Dashboard

After logging in, you'll be presented with the Dashboard.

In order to be able to upload a scan, you'll need to create at least one team and at least one application within that team...you'll see a Get started link to help you do so.


Create Team

When clicking the Get started link in the Dashboard, you'll be directed to the Portfolio page, where you need to click the Add Team button.


Type the desired team name in the New Team modal dialog and click the Add Team button.


A success banner will appear back in the Portfolio page, and your new team will be listed.


Create Application

To create an application in your new team, expand it and click the Add Application button below the team name.

A New Application modal dialog will appear; fill out at least the Name field for the purposes of this demo.


A success banner will appear; you can expand the team to see the newly-created application.


Upload Scan

(Sample scan file: w3af-demo-site.xml)

Expand the application and click the Upload Scan button to open an Upload Scan dialog.

You can either drag and drop a scan file into the dialog or click Browse to navigate to the file.


Alternately, you can click on the application's link to navigate to its Application Details page and either drag and drop a scan file into it or click Action→Upload Scan to open the same dialog shown above.


The uploaded scan will be put into a queue. You can check its progress in the Application Details page...

  • A banner at the top will indicate that changes are pending.
  • Clicking the banner will expand it to show the scan upload being executed.


When complete, the banner at the top will indicate as such; click it to refresh the page, which will show the result of the uploaded scan.





  • No labels

[www.threadfix.it] | [www.coalfire.com]
Copyright © 2024 Coalfire. All rights reserved.

This Information Security Policy is CoalFire - Public: Distribution of this material is not limited.