Pinned Repositories
veracode-collections-report
Produces a PDF report summarizing the security state of a Collection in the Veracode Platform.
veracode-collections-sbom
Generate a CycloneDX SBOM across multiple applications that are part of a Veracode Collection.
veracode-community-projects
Unofficial list of interesting projects that build on the Veracode APIs.
veracode-mitigation-copier
Copies mitigations from one Veracode profile to another if it's the same flaw based on the following flaw attributes: issueid, cweid, type, sourcefile, and line. The script will copy all proposed and accepted mitigations for the flaw. The script will skip a flaw in the copy_to build if it already has an accepted mitigation.
veracode-mitigation-rejector
Identifies and optionally rejects self-approved mitigations on policy-violating findings.
veracode-pipeline-mitigation
Retrieves findings with APPROVED mitigations from an application's policy scan (or sandbox) and creates a baseline file for Pipeline Scan. Mitigations in a "proposed" state will not be retrieved.
veracode-pipeline-script-template
Creates a Pipeline Scan command line based on application and policy settings from Veracode.
veracode-policy-examples
A collection of example application security "policies as code" that can be added to your Veracode organization account using the process below.
veracode-user-bulk-role-assign
Uses the Veracode Identity API to add roles (Security Labs User, Greenlight IDE User, or eLearning) to existing users.
veracode-api-py
Python helper library for working with the Veracode APIs. Handles retries, pagination, and other features of the modern Veracode REST APIs.
tjarrettveracode's Repositories
tjarrettveracode/veracode-pipeline-mitigation
Retrieves findings with APPROVED mitigations from an application's policy scan (or sandbox) and creates a baseline file for Pipeline Scan. Mitigations in a "proposed" state will not be retrieved.
tjarrettveracode/veracode-mitigation-copier
Copies mitigations from one Veracode profile to another if it's the same flaw based on the following flaw attributes: issueid, cweid, type, sourcefile, and line. The script will copy all proposed and accepted mitigations for the flaw. The script will skip a flaw in the copy_to build if it already has an accepted mitigation.
tjarrettveracode/veracode-collections-report
Produces a PDF report summarizing the security state of a Collection in the Veracode Platform.
tjarrettveracode/veracode-collections-sbom
Generate a CycloneDX SBOM across multiple applications that are part of a Veracode Collection.
tjarrettveracode/veracode-dyn-details
Get a summary of all the information about dynamic flaws for an application to support remediation.
tjarrettveracode/.github
Organization template repository
tjarrettveracode/veracode-mitigation-rejector
Identifies and optionally rejects self-approved mitigations on policy-violating findings.
tjarrettveracode/veracode-archer
Please use the fork of this project at https://github.com/veracode/veracode-archer
tjarrettveracode/veracode-user-bulk-role-assign
Uses the Veracode Identity API to add roles (Security Labs User, Greenlight IDE User, or eLearning) to existing users.
tjarrettveracode/azure-docs
Open source documentation of Microsoft Azure
tjarrettveracode/cfngoat
Cfngoat is Bridgecrew's "Vulnerable by Design" CloudFormation repository. Cfngoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
tjarrettveracode/CyberFRAT-DevSecOps-Training-Sample-Flask-App
This is a sample Flaskr application created to deliver hands-on exercises in the DevSecOps Training at CyberFRAT
tjarrettveracode/DSVW
Damn Small Vulnerable Web
tjarrettveracode/dvpwa
Damn Vulnerable Python Web App
tjarrettveracode/easybuggy
Too buggy web application
tjarrettveracode/example-sbom
tjarrettveracode/juice-shop
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
tjarrettveracode/nosql-injection-vulnapp
NIVA is a simple web application which is intentionally vulnerable to NoSQL injection. The purpose of this project is to facilitate a better understanding of the NoSQL injection vulnerability among a wide audience of software engineers, security engineers, pentesters, and trainers.
tjarrettveracode/pygoat
Intentionally vulnerable web application security in Django
tjarrettveracode/SecurityShepherd
Web and mobile application security training platform
tjarrettveracode/terragoat
TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
tjarrettveracode/terraoak.aws
TerraOak is Oak9's vulnerable IaC code repo for AWS. This repo will be used for learning and training purposes on how to implement a cloud security posture for AWS.
tjarrettveracode/veracode
Includes the required workflows and configuration files for the Veracode GitHub app
tjarrettveracode/veracode-fix
tjarrettveracode/veracode-python-hmac-example
Simple example of usage of the Veracode API signing library provided on the Veracode Help Center
tjarrettveracode/veracode-uploadandscan-action
tjarrettveracode/verademo
A deliberately insecure Java web application
tjarrettveracode/verademo-javascript-api
tjarrettveracode/verademo-python
tjarrettveracode/vulnado
Purposely vulnerable Java application to help lead secure coding workshops