security-tools
Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.
Here are 2,800 public repositories matching this topic...
config validation
Is your feature request related to a problem? Please describe.
It would be nice if gitleaks had a validate command that would validate examples found in the config rules. Introducing such a feature would speed up rule development and help with debugging.
Describe the solution you'd like
example entry in the rules tables
ex:
[[rules]]
id = "discord-client-secret"
des
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Updated Jun 20, 2022 - Shell
Is your feature request related to a problem? Please describe.
This is a continuation ticket for zinclabs/zinc#178. Now that we have Swagger support in zinc, we would like to provide the rest of the API Docs.
Describe the solution you'd like
Provide the rest of the Swagger API Documentation by annotating the API Endpoints using https://github.com/swaggo/gin-sw
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Updated Jun 27, 2022 - Go
API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites
Updated Jun 26, 2022 - JavaScript
Updated Jun 26, 2022
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Updated Jun 23, 2022 - Python
Hi & welcome to Scapy's GitHub! This page lists issues that you can try to fix if you want to start contributing to Scapy.
This list includes wishes and things added by the maintainers based on the issues that we get, but also issues marked with TODO or XXX that already exist in Scapy's code base (layers). If you want to contribute to the project you might just take care of one of the bugs.
Daemon to ban hosts that cause multiple authentication errors
Updated Jun 21, 2022 - Python
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
Updated Jun 3, 2022 - Shell
A static analysis security vulnerability scanner for Ruby on Rails applications
Updated Jun 24, 2022 - Ruby
RustScan has an accessible mode, rustscan --accessible which should promise not to have any weird ASCII text in it.
Write CI that runs RustScan with --accessible a few times, with different flags / options and check the terminal output to see if it contains one of these:
[!][~][>]| {}
If any of these characters appear in any of the tests, fail the CI. E
Golang security checker
Updated Jun 27, 2022 - Go
Prowler is an Open Source security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 240 controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.
Updated Jun 29, 2022 - Shell
Infection Monkey - An automated pentest tool
Updated Jun 29, 2022 - Python
Attack Surface Management Platform | Sn1perSecurity LLC
Updated Jun 28, 2022 - Shell
Updated Jun 21, 2022 - Go
We need Vagrant docs, you can find it here https://github.com/NullArray/AutoSploit/tree/dev-beta/Vagrant
README translations
The recommendation is to set Cache-Control: private, no-store on any endpoint with sensitive information. Because while you can protect the traffic with TLS, you also need to keep sensitive information out of a client's (unencrypted) HTTP cache. I'm not sure how relevant this is to the API context of step-ca though—I've never seen an HTTP client library that caches content. But I guess the poi
Describe the bug
A clear and concise description of what the bug is.
To Reproduce
Steps to reproduce the behavior:
- create .bandit file with content:
[bandit]
tests: B101,B102,B301
- run bandit -c .bandit -r module/
- get error:
[main] ERROR .bandit : Error parsing file.
Expected behavior
working as described in readme
Bandit version
ba
syzkaller is an unsupervised coverage-guided kernel fuzzer
Updated Jun 29, 2022 - Go
Hey, here we need add url decoding cuz that invalid link with symbols of get request like ?, &, = etc
p.s thx for awesome tool
A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.
Updated Jun 22, 2022 - C#
Modlishka. Reverse Proxy.
Updated Feb 16, 2022 - Go
A Workflow Engine for Offensive Security
Updated Jun 8, 2022 - Go
Next generation web scanner
Updated Feb 5, 2022 - Ruby
Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
Updated Jan 31, 2022
Linux privilege escalation auditing tool
Updated Jun 8, 2022 - Shell
My simple Swiss Army knife for http/https troubleshooting and profiling.
Updated Jun 7, 2022 - Shell



Currently we have a version selector for every git tag, which is unnecessary overhead on the user. It is not needed from documentation perspective as there aren't (shouldn't be) any docs changes in patch versions, only for new/changed features.
before:
v0.27.0, v0.27.1, v0.27.2, v0.28.0
after:
v0.27, v0.28