SonarQubeCommunity / sonar-fortifyLinks
Fortify SCA Plugin for SonarQube
☆14Updated 3 years ago
Alternatives and similar repositories for sonar-fortify
Users that are interested in sonar-fortify are comparing it to the libraries listed below
Sorting:
- A technique for developing Fortify structural rules and characterization rules.☆14Updated 5 years ago
- An example project that exploits the default typing issue in Jackson-databind via Spring application contexts and expressions☆123Updated 7 years ago
- Custom Fortify SCA rules to detect common JSSE certification validation flaws☆11Updated 9 years ago
- Baseline IoT security checklist. Consider security as early in development as possible and reap the rewards.☆30Updated 7 years ago
- python restful api fuzz test☆51Updated last year
- siberas JMX exploitation toolkit☆130Updated 2 years ago
- poc or exp of some famous vulnerability☆14Updated 11 years ago
- MOSEC-X-PLUGIN 后端API服务☆24Updated 4 years ago
- Repository to hold materials for DefCon_RESTing presentation by Dinis, Abe and Alvaro☆53Updated 11 years ago
- A static analysis API for finding deserialization attack gadgets☆38Updated 2 years ago
- Fortify SonarQube Plugin☆22Updated 4 years ago
- All-in-one plugin for Burp Suite for the detection and the exploitation of Java deserialization vulnerabilities☆27Updated 3 years ago
- Identify vulnerable libraries in Maven dependencies☆46Updated 2 years ago
- POC for XStream RCE☆13Updated 11 years ago
- Read and write Fortify Project (FPR) files in Python☆40Updated 5 years ago
- XSS payloads for edge cases☆34Updated 6 years ago
- 常用服务器、数据库、中间件安全配置基线 - 基本包括了所有的操作系统、数据库、中间件、网络设备、浏览器,安卓、IOS、云的安全配置 For benchmarks.cisecurity.org☆14Updated 8 years ago
- A tool for detecting XML External Entity (XXE) vulnerabilities in Java applications☆72Updated 10 years ago
- sAoccec something about ossec☆17Updated 12 years ago
- RCE Exploit PoC for Spring based RESTFul APIs using XStream as Unmarshaler☆20Updated 11 years ago
- AndroidManifest.xml security auditor☆71Updated 12 years ago
- A proof of concept that demonstrates asynchronous scanning for Java deserialization bugs☆54Updated 8 years ago
- Example of passing file descriptors into a container to perform a privilege escalation on the host☆23Updated 4 years ago
- Exploiting CVE-2017-7525 demo project with Angular7 frontend and Spring.☆18Updated 6 years ago
- A fast generative fuzzer for HTTP☆17Updated 6 years ago
- ☆76Updated 11 years ago
- Proof of concept showing how java byte code can be injected through InitialContext.lookup() calls☆42Updated 9 years ago
- ☆46Updated 9 years ago
- 目标系统信息收集组件☆12Updated 10 years ago