security-tools

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

Description

we have NPM7 generated package-lock.json with lockFileVersion = 2. Now when we scan Node.js project using Trivy filesystem scan, Trivy does not find out packages from package-lock.json.
It is working with lockFileVersion = 1

What did you expect to happen?

It should find out packages in package-lock.json

What happened instead?

It did not find out packages from pack

Is your feature request related to a problem? Please describe.
It would be nice if gitleaks had a validate command that would validate examples found in the config rules. Introducing such a feature would speed up rule development and help with debugging.

Describe the solution you'd like
example entry in the rules tables
ex:

[[rules]]
id = "discord-client-secret"
des

Enhancements : Support for RTCP packets (RFC 3550)

RustScan has an accessible mode, rustscan --accessible which should promise not to have any weird ASCII text in it.

Write CI that runs RustScan with --accessible a few times, with different flags / options and check the terminal output to see if it contains one of these:

[!]
[~]
[>]
| {}

If any of these characters appear in any of the tests, fail the CI. E

We need Vagrant docs, you can find it here https://github.com/NullArray/AutoSploit/tree/dev-beta/Vagrant

Describe the bug
In the docs found here:
https://bandit.readthedocs.io/en/latest/plugins/index.html#complete-test-plugin-listing

B109 and B111 show a description instead of a plugin name. This looks inconsistent since all the other plugin names are listed. I believe this is a result of a recent change to remove these deprecated plugins.

To Reproduce

Navigate to https://bandit

FreeBSD uses an rc.d framework for starting up applications. The pidfile is a special case because it is used by the rc system itself. It's used to tell rc how to check the status of the controlled program, or how to stop it. It's not the responsibility of rc to write the pidfile. That falls to the controlled program.

step-ca appears to lack support for creating a pidfile, It's a desirable enha

Hey, here we need add url decoding cuz that invalid link with symbols of get request like ?, &, = etc

p.s thx for awesome tool

Dec	JAN	Feb
	06
2021	2022	2023

security-tools

Here are 2,489 public repositories matching this topic...

aquasecurity / trivy

Description

What did you expect to happen?

What happened instead?

CISOfy / lynis

future-architect / vuls

zricethezav / gitleaks

qeeqbox / social-analyzer

secdev / scapy

smicallef / spiderfoot

fail2ban / fail2ban

toniblyx / my-arsenal-of-aws-security-tools

presidentbeef / brakeman

securego / gosec

We5ter / Scanners-Box

guardicore / monkey

RustScan / RustScan

1N3 / Sn1per

toniblyx / prowler

NullArray / AutoSploit

microsoft / ApplicationInspector

google / syzkaller

PyCQA / bandit

smallstep / certificates

drk1wi / Modlishka

OlivierLaflamme / Cheatsheet-God

urbanadventurer / WhatWeb

yogeshojha / rengine

liamg / traitor

j3ssie / osmedeus

trimstray / htrace.sh

mzet- / linux-exploit-suggester

k8gege / Ladon

Community Powered Security