Explore projects
-
rahome / trivy-cache
Apache License 2.0The purpose of this project is to improve pipeline performance when scanning for vulnerabilities in containers by providing a prebuilt Docker container where the vulnerability database is already downloaded
Updated -
SYSTRA / SDS / infra / gitlab-vulnerabilities
MIT LicenseAutomate docker images analysis by Trivy and manage related Gitlab issues
Updated -
hoppr / hoppr-cop
MIT LicenseHoppr-Cop is CLI and Hoppr Plugin that generates high quality vulnerability information from a cyclone-dx Software Bill of Materials (SBOM) by aggregating data from multiple vulnerability databases.
Updated -
Opensource, cross-platform and portable toolkit for automating routine processes when carrying out various works for testing!
Updated -
Developer Advocacy at GitLab / tutorials / Security and Governance / DevSecOps / Complete DevSecOps Tutorial
MIT LicenseThis basic note-taking application is used to showcase the different GitLab features around security and governance. To get started checkout the Full Tutorial Documentation.
Updated -
errbufferoverfl / jwt_tool
GNU General Public License v3.0 or later🐍 A fork of jwt_tool, a toolkit for testing, tweaking and cracking JSON Web Tokens.Updated -
Scan Docker images for known vulnerabilities
Updated -
Scans selected files for patterns stated in rules. This is used in order to find secrets you may have accidentally written to a file. This scanner is used to show how the GitLab vulnerability report can be populated by a custom scanner. You can see a demo of it in action be following the documentation in the Secret List project.
Updated -
expliot_framework / expliot
GNU Affero General Public License v3.0EXPLIoT - Internet of Things Security Testing and Exploitation framework
Updated -
-
Deprecated project for SAST Docker-in-Docker orchestrator. See https://docs.gitlab.com/ee/user/application_security/sast/index.html for full docs
Archived 41Updated -
Szilárd Pfeiffer / CryptoLyzer
Mozilla Public License 2.0CryptoLyzer is a fast, flexible, and comprehensive server cryptographic protocol (TLS, SSL, SSH, DNSSEC) and related setting (HTTP headers, DNS records) analyzer and fingerprint (JA3, HASSH tag) generator with Python API and CLI.
Updated -
rahome / owasp-dependency-check-cache
Apache License 2.0The purpose of this project is to improve pipeline performance when scanning for vulnerabilities in dependencies by providing a prebuilt Docker container for DependencyCheck where the vulnerability database is already downloaded
Updated -
Lin Song / Docker IPsec VPN Server
Creative Commons Attribution Share Alike 3.0 UnportedMirror of https://github.com/hwdsl2/docker-ipsec-vpn-server. Please open issues and pull requests there. Docker image to run an IPsec VPN server, with IPsec/L2TP, Cisco IPsec and IKEv2. https://hub.docker.com/r/hwdsl2/ipsec-vpn-server
UpdatedUpdated -
hoprco / web-retriever
Apache License 2.0Web Retriever is a robust Python-based API, designed to fetch and retrieve web resources on behalf of clients. It provides an effective solution when direct internet access is not available to the client or when external resources need to be explicitly defined, like in Envoy configurations.
Updated -
D(HE)at Attack / DHEater
Apache License 2.0D(HE)ater is a proof of concept implementation of the D(HE)at attack (CVE-2002-20001) through which denial-of-service can be performed by enforcing the Diffie-Hellman key exchange.
Updated -
-
This repository shows you how to inject secrets in your application from Hashicorp Vault in Kubernetes
Updated -
Project that brings together several pentest tools
Updated -
MBcom / GitlabKubernetesBridge
Apache License 2.0Plattform to use gitlab kubernetes integration in multi user groups environments.
Updated