vlsecurity's Stars
ambient-innovation/gitlab-trivy-security-checks
GitLab's included container scanning only scans Docker images and can't read lockfiles. To fix this, you need to run a Trivy instance yourself and tell it to scan the filesystem instead. This config template can be included in your .gitlab-ci.yml to get the scanning job for free (similar to how GitLab's container scanning works).
gquere/bloodhound_linux
Ingest OpenLDAP data into BloodHound
goodwithtech/dockle
Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start
PabloBrusseel/CCEK
The ChromeCast Exploitation Kit
thewhiteh4t/killcast
Manipulate Chromecast Devices in your Network
interlynk-io/sbomasm
SBOM Assembler - A tool to edit an SBOM or assemble multiple SBOMs into a single SBOM.
MobSF/Mobile-Security-Framework-MobSF
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
bridgecrewio/checkov
Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
neex/gifoeb
Exploit for ImageMagick's uninitialized memory disclosure in the GIF coder
MaibornWolff/dd-import
A utility to (re-)import findings and language data into DefectDojo
aquasecurity/tfsec
Tfsec is now part of Trivy
MobSF/mobsfscan
mobsfscan is a static analysis tool that can find insecure code patterns in your Android and iOS source code. Supports Java, Kotlin, Swift, and Objective C Code. mobsfscan uses MobSF static analysis rules and is powered by semgrep and libsast pattern matcher.
Threagile/threagile
Agile Threat Modeling Toolkit
iriusrisk/OpenThreatModel
The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.
iriusrisk/startleft
StartLeft is an automation tool for generating Threat Models written in the Open Threat Model (OTM) format from a variety of different sources such as IaC files, diagrams or projects exported from Threat Modelling tools.