SecureStackCo / actions-log4j
A GitHub Action that scans your public web applications for log4j vulnerabilities after every deployment. Add this to your dev, staging and prod steps and SecureStack will make sure that what you've just deployed is secure and meets your requirements.
☆15Updated 3 years ago
Alternatives and similar repositories for actions-log4j:
Users that are interested in actions-log4j are comparing it to the libraries listed below
- SecureStack Application Bill of Materials (ABOM/SBOM)☆13Updated 2 years ago
- A GitHub Action for using SecureStack to analyse a repository codebase for vulnerabilities in library dependencies (software composition …☆22Updated 3 years ago
- A GitHub Action that scans your public web applications after every deployment. Add this to your dev, staging and prod steps and SecureS…☆24Updated last year
- Adding this GitHub Action will scan your repository for sensitive data in your source code. We find things like passwords, server host s…☆30Updated last year
- All of our GitHub Actions rolled into one. Or as we like to say: One GitHub Action to rule them all!☆21Updated last year
- A GitHub Action that creates a SBOM from your application so you can meet compliance and security requirements. Add this to your dev, sta…☆24Updated last year
- Proof of Concepts for unsafe deserialization in Ruby☆17Updated 6 months ago
- Additional active scan checks for BURP☆27Updated 6 months ago
- Proof-of-concept code for research into GitHub Actions Cache poisoning.☆22Updated last month
- This is a collection of ZAProxy Automation Tools and scripts to automate security tests of WEB Applications and WEB Sites☆28Updated last year
- Optimize the utilization of GHAS licenses in an enterprise (or organization)☆13Updated 3 weeks ago
- GHAST (GitHub Actions Static Analysis Tool) is a tool to analyze the security posture of your GitHub Actions and its surrounding environm…☆17Updated last year
- DustiLock is a tool to find which of your dependencies is susceptible to a Dependency Confusion attack.☆37Updated 3 years ago
- Scripts for Sourcegraph search results. Useful for static analysis <3☆27Updated last year
- Action to retrofit a CodeQL bundle with additional queries, libraries, and customizations�☆25Updated 11 months ago
- Example repository for GitHub Actions Time of Check to Time of Use (TOCTOU vulnerabilities)☆23Updated 9 months ago
- ☆38Updated 2 months ago
- OWASP Foundation Web Respository☆31Updated 2 years ago
- Extract domains/subdomains/FQDNs from files and URLs☆20Updated 4 years ago
- Tool queries the OpenAI API to enhance the description, impact, and recommendation keys of a nuclei template.☆20Updated 2 years ago
- A GitHub Actions Supply Chain CTF / Goat☆17Updated 2 months ago
- ☆27Updated last year
- Ffuf output browser☆39Updated 2 years ago
- Nuclei plugins to audit Chrome extensions☆64Updated 9 months ago
- Finds Documents On Cloud Assets Using grayhatwarfare API for short urls☆19Updated 3 years ago
- Go module that returns supported regions for a service or supported services for a region☆17Updated 10 months ago
- Sechead is a powerful security tool developed in Python that allows users to audit the security headers of any website. With Sechead, use…☆12Updated last year
- Perform file-based malware scan on your on-prem servers with AWS☆12Updated last year
- ☆9Updated 3 years ago
- Maturity Model Collaborative project☆15Updated 2 years ago