SecureStackCo / actions-log4j
A GitHub Action that scans your public web applications for log4j vulnerabilities after every deployment. Add this to your dev, staging and prod steps and SecureStack will make sure that what you've just deployed is secure and meets your requirements.
☆14 Updated 3 years ago
Alternatives and similar repositories for actions-log4j
Users that are interested in actions-log4j are comparing it to the libraries listed below
- SecureStack Application Bill of Materials (ABOM/SBOM) ☆13 Updated 3 years ago
- A GitHub Action for using SecureStack to analyse a repository codebase for vulnerabilities in library dependencies (software composition … ☆22 Updated 3 years ago
- Adding this GitHub Action will scan your repository for sensitive data in your source code. We find things like passwords, server host s… ☆31 Updated 2 years ago
- Scripts for Sourcegraph search results. Useful for static analysis <3 ☆28 Updated 2 years ago
- All of our GitHub Actions rolled into one. Or as we like to say: One GitHub Action to rule them all! ☆21 Updated 2 years ago
- Burp plugin for the 1Password session protocol for use by security researchers. ☆74 Updated 6 months ago
- OWASP ASVS Security Evaluation Templates with Nuclei ☆42 Updated 2 weeks ago
- Nuclei plugins to audit Chrome extensions ☆65 Updated last year
- Security Work and Manual Reviews facilitated by Open Source Technology Improvement Fund, aka OSTIF ☆33 Updated last month
- Additional active scan checks for BURP ☆28 Updated last year
- A GitHub Action that scans your public web applications after every deployment. Add this to your dev, staging and prod steps and SecureS… ☆27 Updated 2 years ago
- Dependency Confusion Security Testing Tool ☆51 Updated 3 years ago
- A set of Gitlab pipelines and Github workflows to automate and ease on BugBounty and Penetration Testing engagements ☆28 Updated 3 years ago
- Proof-of-concept code for research into GitHub Actions Cache poisoning. ☆21 Updated 9 months ago
- ☆24 Updated 2 years ago
- Monitoring the Cloud Landscape ☆91 Updated this week
- Dependency Combobulator ☆94 Updated last year
- A multi-cloud DNS record scanner that aims to help cybersecurity/IT analysts identify dangling CNAME records in their cloud DNS services … ☆50 Updated 2 years ago
- Perform TE.CL HTTP Request Smuggling attacks by crafting HTTP Request automatically. ☆73 Updated 3 years ago
- DustiLock is a tool to find which of your dependencies is susceptible to a Dependency Confusion attack. ☆40 Updated 4 years ago
- GCP Audit checks projects in Google Cloud for compliance with CIS Benchmarks ☆29 Updated 7 months ago
- Simple website to guess API Key / OAuth Token ☆48 Updated 3 years ago
- Example repository for GitHub Actions Time of Check to Time of Use (TOCTOU vulnerabilities) ☆34 Updated 7 months ago
- yataf extracts secrets and paths from files or URLs - it's best used against JavaScript files ☆52 Updated last year
- WAF bypass PoC ☆50 Updated 2 years ago
- Paramalyzer - Burp extension for parameter analysis of large-scale web application penetration tests. ☆34 Updated 3 years ago
- An Automated Mass Network Vulnerability Scanner and Recon Tool ☆31 Updated 2 years ago
- Jumpstart multiple WebSocket servers quickly ☆32 Updated 4 years ago
- Simple Chatbot for testing AI Red Team tooling ☆14 Updated 10 months ago
- A vulnerable Cognito application is a simple web app that can be used to practice various Cognito attacks. ☆12 Updated 3 years ago