SecureStackCo / actions-log4j
A GitHub Action that scans your public web applications for log4j vulnerabilities after every deployment. Add this to your dev, staging and prod steps and SecureStack will make sure that what you've just deployed is secure and meets your requirements.
☆15 · Updated 3 years ago
Alternatives and similar repositories for actions-log4j
Users that are interested in actions-log4j are comparing it to the libraries listed below
- SecureStack Application Bill of Materials (ABOM/SBOM) ☆13 · Updated 3 years ago
- A GitHub Action for using SecureStack to analyse a repository codebase for vulnerabilities in library dependencies (software composition … ☆22 · Updated 3 years ago
- Adding this GitHub Action will scan your repository for sensitive data in your source code. We find things like passwords, server host s… ☆31 · Updated 2 years ago
- All of our GitHub Actions rolled into one. Or as we like to say: One GitHub Action to rule them all! ☆21 · Updated 2 years ago
- A GitHub Action that scans your public web applications after every deployment. Add this to your dev, staging and prod steps and SecureS… ☆27 · Updated 2 years ago
- Simple Chatbot for testing AI Red Team tooling ☆14 · Updated 8 months ago
- Scripts for Sourcegraph search results. Useful for static analysis <3 ☆28 · Updated 2 years ago
- Burp plugin for the 1Password session protocol for use by security researchers. ☆72 · Updated 4 months ago
- Dependency Combobulator ☆93 · Updated last year
- Proof-of-concept code for research into GitHub Actions Cache poisoning. ☆21 · Updated 7 months ago
- Additional active scan checks for BURP ☆28 · Updated last year
- This repository hosts several snippets and files related to the BsidesLV 2024 talk about Shadow and Zombie APIs by me ☆18 · Updated last year
- GHAST (GitHub Actions Static Analysis Tool) is a tool to analyze the security posture of your GitHub Actions and its surrounding environm… ☆21 · Updated 2 years ago
- WAF bypass PoC ☆49 · Updated 2 years ago
- Fast and passive subdomain enumeration. ☆17 · Updated 3 years ago
- 2022 CTF public release ☆23 · Updated 3 years ago
- Blogpost series showcasing interesting cloud - web app security bugs ☆49 · Updated 2 years ago
- GCP Audit checks projects in Google Cloud for compliance with CIS Benchmarks ☆27 · Updated 4 months ago
- Security Work and Manual Reviews facilitated by Open Source Technology Improvement Fund, aka OSTIF ☆33 · Updated 3 months ago
- Manage attack surface data on Elasticsearch ☆23 · Updated last year
- URL / IP / Email defanging with JavaScript. Make IoC harmless. ☆31 · Updated 11 months ago
- ☆50 · Updated last week
- Perform TE.CL HTTP Request Smuggling attacks by crafting HTTP Request automatically. ☆72 · Updated 3 years ago
- Files and Folders list used in file enumeration during Bug Bounty ☆12 · Updated 4 years ago
- Simple PoC for demonstrating Race Conditions on Websockets ☆55 · Updated 2 years ago
- A set of GitLab pipelines and GitHub workflows to automate and ease on BugBounty and Penetration Testing engagements ☆27 · Updated 2 years ago
- A vulnerable Cognito application is a simple web app that can be used to practice various Cognito attacks. ☆12 · Updated 3 years ago
- Example repository for GitHub Actions Time of Check to Time of Use (TOCTOU vulnerabilities) ☆31 · Updated 5 months ago
- gRPC / gRPC-Web Pentest Practicing Lab ☆11 · Updated 2 years ago
- PoC List ☆11 · Updated 3 years ago