SecureStackCo / actions-code
A GitHub Action for using SecureStack to analyse a repository codebase for vulnerabilities in library dependencies (software composition analysis).
☆22 Updated 3 years ago
Alternatives and similar repositories for actions-code
Users that are interested in actions-code are comparing it to the libraries listed below
- SecureStack Application Bill of Materials (ABOM/SBOM) ☆13 Updated 2 years ago
- A GitHub Action that scans your public web applications for log4j vulnerabilities after every deployment. Add this to your dev, staging a… ☆15 Updated 3 years ago
- Adding this GitHub Action will scan your repository for sensitive data in your source code. We find things like passwords, server host s… ☆31 Updated 2 years ago
- All of our GitHub Actions rolled into one. Or as we like to say: One GitHub Action to rule them all! ☆21 Updated 2 years ago
- A GitHub Action that scans your public web applications after every deployment. Add this to your dev, staging and prod steps and SecureS… ☆24 Updated 2 years ago
- A GitHub Action that creates a SBOM from your application so you can meet compliance and security requirements. Add this to your dev, sta… ☆24 Updated 2 years ago
- Community generated list of API security tests to find OWASP top10, HackerOne top 10 vulnerabilities ☆37 Updated last week
- Semgrep rules corresponding to the OWASP ASVS standard ☆27 Updated 4 years ago
- Dependency Confusion Security Testing Tool ☆47 Updated 2 years ago
- A collection of Semgrep rules which followed security guidelines for .NET and Java. ☆23 Updated 3 years ago
- My custom semgrep rules ☆21 Updated 4 years ago
- Running nuclei Continuously ☆56 Updated 2 years ago
- An extension to use Semgrep inside Burp Suite. ☆89 Updated last month
- Maturity Model Collaborative project ☆15 Updated 2 years ago
- PoC: Python package static and dynamic analysis to detect environment variable stealing ☆10 Updated 4 years ago
- Proof-of-concept code for research into GitHub Actions Cache poisoning. ☆21 Updated 3 months ago
- Example repository for GitHub Actions Time of Check to Time of Use (TOCTOU vulnerabilities) ☆23 Updated last month
- A framework for understanding the capabilities of automated detection methods at identifying classes of application security vulnerabilit… ☆15 Updated 3 weeks ago
- OWASP ASVS Security Evaluation Templates with Nuclei ☆35 Updated 2 weeks ago
- CircleCI log and security configuration automations ☆22 Updated 4 years ago
- Blogpost series showcasing interesting cloud - web app security bugs ☆49 Updated 2 years ago
- Performing automated scan using Burp Suite Pro & Vmware Burp Rest API ☆50 Updated 2 years ago
- Manager of third-party sources of Semgrep rules 🗂 ☆87 Updated 11 months ago
- Push notifications to Slack channel or to custom server based on BurpSuite response conditions. ☆17 Updated 4 years ago
- InfoSec OpenAI Examples ☆19 Updated last year
- DustiLock is a tool to find which of your dependencies is susceptible to a Dependency Confusion attack. ☆38 Updated 3 years ago
- GHAST (GitHub Actions Static Analysis Tool) is a tool to analyze the security posture of your GitHub Actions and its surrounding environm… ☆19 Updated last year
- Tool queries the OpenAI API to enhance the description, impact, and recommendation keys of a nuclei template. ☆20 Updated 2 years ago
- Alternative to XSS Hunter for blind XSS. ☆51 Updated 2 years ago
- This repository hosts several snippets and files related to the BsidesLV 2024 talk about Shadow and Zombie APIs by me ☆18 Updated 10 months ago