vlsecurity

vlsecurity's Stars

• ambient-innovation/gitlab-trivy-security-checks

  Gitlab's included container scanning only scans docker images and can't read lockfiles. To fix this, you need to run a Trivy instance yourself and tell it to scan the filesystem instead. This config template can be included in your .gitlab-ci.yml to get the scanning job for free (similar to how the gitlab container scanning thing works).

  23

• gquere/bloodhound_linux

  Ingest openldap data into bloodhound

  Language:Python7811

• goodwithtech/dockle

  Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start

  Language:Go2.8k139

• PabloBrusseel/CCEK

  The ChromeCast Exploitation Kit

  Language:Python3612

• thewhiteh4t/killcast

  Manipulate Chromecast Devices in your Network

  Language:Python23137

• interlynk-io/sbomasm

  SBOM Assembler - A tool to edit SBOM or assemble multiple sboms into a single sbom.

  Language:Go564

• MobSF/Mobile-Security-Framework-MobSF

  Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

  Language:JavaScript17.3k3.2k

• bridgecrewio/checkov

  Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.

  Language:Python7.1k1.1k

• neex/gifoeb

  exploit for ImageMagick's uninitialized memory disclosure in gif coder

  Language:Python27860

• MaibornWolff/dd-import

  A utility to (re-)import findings and language data into DefectDojo

  Language:Python4224

• aquasecurity/tfsec

  Tfsec is now part of Trivy

  Language:Go6.7k542

• MobSF/mobsfscan

  mobsfscan is a static analysis tool that can find insecure code patterns in your Android and iOS source code. Supports Java, Kotlin, Swift, and Objective C Code. mobsfscan uses MobSF static analysis rules and is powered by semgrep and libsast pattern matcher.

  Language:Python59996

• Threagile/threagile

  Agile Threat Modeling Toolkit

  Language:Go611128

• iriusrisk/OpenThreatModel

  The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.

  16813

• iriusrisk/startleft

  StartLeft is an automation tool for generating Threat Models written in the Open Threat Model (OTM) format from a variety of different sources such as IaC files, diagrams or projects exported from Threat Modelling tools.

  Language:Python4813