gmdavef
Product Manager, Software Supply Chain Security at ReversingLabs. AppSec SME. Former builder & breaker of applications.
ReversingLabs, Texas
Pinned Repositories
AspNetCore.Diagnostics.HealthChecks
Enterprise HealthChecks for ASP.NET Core Diagnostics Package
calibre-web
:books: Web app for browsing, reading and downloading eBooks stored in a Calibre database
cicd-goat
A deliberately vulnerable CI/CD environment. Learn CI/CD security through multiple challenges.
cloudgoat
CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool
DVWA
Damn Vulnerable Web Application (DVWA)
example-java-gradle
Example gradle project to demonstrate srcclr scans
example-java-gradle-android
Example project to demonstrate Gradle scans
sca-scripts
Python scripts to automate tasks or extend capabilities of SCA tools and/or SBOMs
security-labs-scripts
Python scripts to automate various administrative tasks in Veracode Security Labs.
struts-showcase
Repo to demonstrate scanning in different CI/CD tools using ReversingLabs Spectra Assure.
gmdavef's Repositories
gmdavef/security-labs-scripts
Python scripts to automate various administrative tasks in Veracode Security Labs.
gmdavef/sca-scripts
Python scripts to automate tasks or extend capabilities of SCA tools and/or SBOMs
gmdavef/struts-showcase
Repo to demonstrate scanning in different CI/CD tools using ReversingLabs Spectra Assure.
gmdavef/AspNetCore.Diagnostics.HealthChecks
Enterprise HealthChecks for ASP.NET Core Diagnostics Package
gmdavef/cicd-goat
A deliberately vulnerable CI/CD environment. Learn CI/CD security through multiple challenges.
gmdavef/example-java-maven
Example project to demonstrate srcclr scans
gmdavef/example-js-vulnmeth
SourceClear’s example node project with vulnerable methods in third party libraries
gmdavef/fshec2
A known-malicious python package. For testing RL's "composite" action.
gmdavef/GenerateSBOM
Generate an SBOM from Veracode
gmdavef/gmdavef
gmdavef/juice-shop
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
gmdavef/MailKit
A cross-platform .NET library for IMAP, POP3, and SMTP.
gmdavef/malicious-dependencies
Demonstrates how a malicious dependency could negatively impact the build output.
gmdavef/NodeGoat
The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.
gmdavef/nodejs-goof
Super vulnerable todo list application
gmdavef/owasp-change.github.io
An Open Letter to the OWASP Board
gmdavef/php-goof
Snyk PHP Goof - A vulnerable PHP demo application
gmdavef/PHPMailer
The classic email sending library for PHP
gmdavef/rl-cli-example-struts2showcase-github
Example of scanning with the ReversingLabs secure.software CLI with GitHub Actions
gmdavef/rl-cli-example-struts2showcase-jenkins
Example of scanning with the ReversingLabs secure.software CLI with Jenkins
gmdavef/rl-cloud-example-struts2showcase-github
Demonstrates scanning with the ReversingLabs SSCS Cloud portal via GitHub Actions.
gmdavef/rl-scanner-metadata
Public Spectra Assure metadata for partner integrations
gmdavef/rust-sscs
gmdavef/spectra-assure-scripts
Example scripts that use ReversingLabs' Spectra Assure SDK.
gmdavef/spectra-assure-sdk
Python package for interfacing with the Spectra Assure Portal API.
gmdavef/spring-petclinic
A sample Spring-based application
gmdavef/spring-web-application
An example web app built upon Spring.
gmdavef/terragoat
TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
gmdavef/veracode-api-py
Python helper library for working with the Veracode APIs. Handles retries, pagination, and other features of the modern Veracode REST APIs.
gmdavef/Veracode-Community-Projects
Collection of open source projects that include automation of common Veracode Platform tasks, new integrations, HMAC signing libraries, etc.