This project is still in production and not yet fully released. All the work shown in this case study is not final and still subject to change.
The Open Source Security Hub (OSSH) idea came up after the local OWASP chapter raised the need for a system aiming at bringing together security experts and projects in need. I quickly realized I could help out by building it as a project for my mobile- and web-programming course at the university.
Taking the example of many platforms focused on crowdsourced security (Bugcrowd, HackerOne, Crowdcurity, Synack) I opted to develop a framework to make the process simple and intuitive.
The first aspect of the site that I tackled was also the first point of contact between projects and their future researchers. I wanted to advise prospective researchers on their future projects and help them choose something suited for their skills. After some initial research, I found that most of the platforms online didn't design the service this way.
In order to achieve this, we needed to gather data from the users. So I decided to take advantage of the API of Github, Bitbucket and OpenID to get to know the user during the registration phase.
When is the deadline? For now I'm trying to work out the core features and design a solid backend. I would like this framework to be open so I want well-thought-out, creative, clean, tidy code.