SecureStackCo / actions-log4j
A GitHub Action that scans your public web applications for log4j vulnerabilities after every deployment. Add this to your dev, staging and prod steps and SecureStack will make sure that what you've just deployed is secure and meets your requirements.
☆15 Updated 2 years ago
Alternatives and similar repositories for actions-log4j:
Users who are interested in actions-log4j are comparing it to the repositories listed below
- SecureStack Application Bill of Materials (ABOM/SBOM) ☆13 Updated 2 years ago
- A GitHub Action for using SecureStack to analyse a repository codebase for vulnerabilities in library dependencies (software composition … ☆22 Updated 2 years ago
- A GitHub Action that scans your public web applications after every deployment. Add this to your dev, staging and prod steps and SecureS… ☆24 Updated last year
- Adding this GitHub Action will scan your repository for sensitive data in your source code. We find things like passwords, server host s… ☆30 Updated last year
- All of our GitHub Actions rolled into one. Or as we like to say: One GitHub Action to rule them all! ☆21 Updated last year
- A GitHub Action that creates a SBOM from your application so you can meet compliance and security requirements. Add this to your dev, sta… ☆25 Updated last year
- The Secure Coding Framework ☆21 Updated 4 years ago
- GHAST (GitHub Actions Static Analysis Tool) is a tool to analyze the security posture of your GitHub Actions and its surrounding environm… ☆17 Updated last year
- Vulnerability disclosure policies in the US Government's executive branch ☆37 Updated 2 years ago
- An Exploitation script developed to exploit the CVE-2023-4966 bleed citrix information disclosure vulnerability ☆9 Updated last year
- Raf Scanner IDE ☆10 Updated last year
- 📚A curated list of product security resources. ☆19 Updated 2 years ago
- OWASP Foundation Web Repository ☆10 Updated last year
- Additional active scan checks for BURP ☆26 Updated 5 months ago
- OWASP Foundation Web Repository ☆28 Updated 7 months ago
- DustiLock is a tool to find which of your dependencies is susceptible to a Dependency Confusion attack. ☆37 Updated 3 years ago
- A basic Python program to check Cybersecurity & Infrastructure Security Agency (CISA) Known Exploited Vulnerabilities (KEV) Catalog ☆18 Updated last year
- Web application pentesting recon ☆23 Updated 4 years ago
- Maturity Model Collaborative project ☆14 Updated 2 years ago
- ☆20 Updated 2 years ago
- This repository hosts several snippets and files related to the BsidesLV 2024 talk about Shadow and Zombie APIs by me ☆18 Updated 7 months ago
- Finds Documents On Cloud Assets Using grayhatwarfare API for short urls ☆18 Updated 3 years ago
- Example repository for GitHub Actions Time of Check to Time of Use (TOCTOU vulnerabilities) ☆23 Updated 9 months ago
- Go Damn Vulnerable Web App ☆22 Updated 8 months ago
- Demonstrates how a malicious dependency could negatively impact the build output. ☆25 Updated last year
- Utility to check the integrity of your DNS managed zones at your cloud service provider ☆14 Updated 3 years ago
- This repository contains links to all the 100 days tweets that I posted during the #100DaysOfHacking challenge. ☆15 Updated 2 years ago
- Recon tool ☆11 Updated 3 years ago
- Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs. ☆40 Updated last year
- Advanced test for proxy & waf ☆13 Updated 6 months ago