SecureStackCo / actions-log4j
A GitHub Action that scans your public web applications for log4j vulnerabilities after every deployment. Add this to your dev, staging and prod steps and SecureStack will make sure that what you've just deployed is secure and meets your requirements.
☆15, updated 2 years ago
Related projects
Alternatives and complementary repositories for actions-log4j
- SecureStack Application Bill of Materials (ABOM/SBOM) (☆13, updated 2 years ago)
- A GitHub Action for using SecureStack to analyse a repository codebase for vulnerabilities in library dependencies (software composition … (☆21, updated 2 years ago)
- Adding this GitHub Action will scan your repository for sensitive data in your source code. We find things like passwords, server host s… (☆28, updated last year)
- All of our GitHub Actions rolled into one. Or as we like to say: One GitHub Action to rule them all! (☆21, updated last year)
- A GitHub Action that scans your public web applications after every deployment. Add this to your dev, staging and prod steps and SecureS… (☆24, updated last year)
- A GitHub Action that creates a SBOM from your application so you can meet compliance and security requirements. Add this to your dev, sta… (☆25, updated last year)
- DustiLock is a tool to find which of your dependencies is susceptible to a Dependency Confusion attack. (☆36, updated 2 years ago)
- Additional active scan checks for BURP (☆20, updated last month)
- Scripts for Sourcegraph search results. Useful for static analysis <3 (☆24, updated last year)
- Web application pentesting recon (☆23, updated 4 years ago)
- Jumpstart multiple WebSocket servers quickly (☆28, updated 2 years ago)
- Multithreaded Host Header Redirection Scanner (☆12, updated 4 years ago)
- This repository hosts several snippets and files related to the BsidesLV 2024 talk about Shadow and Zombie APIs by me (☆17, updated 3 months ago)
- Performing automated scan using Burp Suite Pro & VMware Burp Rest API (☆48, updated 2 years ago)
- Ffuf output browser (☆37, updated last year)
- yataf extracts secrets and paths from files or URLs - it's best used against JavaScript files (☆51, updated 2 months ago)
- Chrome extension for automating CSPT discovery (☆47, updated last month)
- Fetch wayback machine historical content for a given URL (☆9, updated 4 years ago)
- GHAST (GitHub Actions Static Analysis Tool) is a tool to analyze the security posture of your GitHub Actions and its surrounding environm… (☆16, updated last year)
- A steampipe plugin to query projectdiscovery.io tools. (☆26, updated 3 months ago)
- Make exploiting race conditions in web applications highly efficient and easy to use. (☆22, updated 6 months ago)
- BOR - Break On Request, is a burp extension that provides a custom context menu for marking requests to be stopped by the interceptor wit… (☆13, updated last year)
- Python's handling of NaN is... interesting? broken? ... this project illustrates the issue (☆13, updated 2 years ago)
- Documentation of Semgrep: a fast, open-source, static analysis tool. (☆37, updated this week)
- A tool for checking available dependency packages across the npmjs, PyPI or RubyGems registries. (☆28, updated 2 years ago)
- Programs I made while learning Python for pentesters. (☆18, updated 2 years ago)
- Create your own recon & vulnerability scanner with Trickest and GitHub (☆49, updated last year)
- Paramalyzer - Burp extension for parameter analysis of large-scale web application penetration tests. (☆29, updated 2 years ago)