LunaSec
Easily detect and fix security issues like Log4Shell with LunaSec's Open Source security tools. Come join the hundreds of companies already using LunaSec!
United States of America
Pinned Repositories
cve-2022-42889-text4shell-docker
Dockerized POC for CVE-2022-42889 Text4Shell (with LunaSec research notes)
damn-vulnerable-js-sca
An intentionally vulnerable Javascript app containing notable vulnerabilities in its dependencies.
dvja
Damn Vulnerable Java (EE) Application
grype
A vulnerability scanner for container images and filesystems
lunasec
LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/
spring-rce-vulnerable-app
Spring Boot web application vulnerable to Log4Shell (CVE-2021-44228) and the possible Spring RCE vulnerability.
Spring4Shell-POC
This is a dockerized application that is vulnerable to the Spring4Shell vulnerability (CVE-2022-22965).
syft
CLI tool and library for generating a Software Bill of Materials from container images and filesystems
vulnerable-app
Intentionally vulnerable apps that are used to test LunaTrace.
yarn-plugin-workspace-lockfile
Yarn 2 plugin to create a separate lockfile per workspace
LunaSec's Repositories
lunasec-io/lunasec
LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/
lunasec-io/Spring4Shell-POC
This is a dockerized application that is vulnerable to the Spring4Shell vulnerability (CVE-2022-22965).
lunasec-io/spring-rce-vulnerable-app
Spring Boot web application vulnerable to Log4Shell (CVE-2021-44228) and the possible Spring RCE vulnerability.
lunasec-io/damn-vulnerable-js-sca
An intentionally vulnerable Javascript app containing notable vulnerabilities in its dependencies.
lunasec-io/vulnerable-app
Intentionally vulnerable apps that are used to test LunaTrace.
lunasec-io/cve-2022-42889-text4shell-docker
Dockerized POC for CVE-2022-42889 Text4Shell (with LunaSec research notes)
lunasec-io/syft
CLI tool and library for generating a Software Bill of Materials from container images and filesystems
lunasec-io/cwe-sdk-javascript
A Common Weakness Enumeration (CWE) Node.js SDK compliant with MITRE / CAPEC
lunasec-io/dvja
Damn Vulnerable Java (EE) Application
lunasec-io/grype
A vulnerability scanner for container images and filesystems
lunasec-io/yarn-plugin-workspace-lockfile
Yarn 2 plugin to create a separate lockfile per workspace
lunasec-io/nodejs-lockfile-parser
Generate a Snyk dependency tree from package-lock.json or yarn.lock file