bad_json_parsers
whispers
bad_json_parsers | whispers | |
---|---|---|
2 | 2 | |
365 | 463 | |
- | - | |
0.0 | 0.0 | |
over 1 year ago | 7 months ago | |
Python | Python | |
MIT License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
bad_json_parsers
- Exposing problems in JSON parsers of several programming languages
-
Parsing JSON is a Minefield 💣 (2018)
The nginx default is 1MB, which gets you 512 uncompressed nested arrays. That's already beyond the nesting limit of many parsers (see the Results section of that repository README, which documents the limit on many different language libraries).
whispers
-
I made an app that lets you search all your apps and files at once
Something like https://github.com/Skyscanner/whispers
- Skyscanner/whispers - Identify hardcoded secrets and dangerous behaviours
What are some alternatives?
HDR-Multi-Tool - A graphical user interface for parsing HDR10+ and Dolby Vision
ggshield - Find and fix 360+ types of hardcoded secrets and 70+ types of infrastructure-as-code misconfigurations.
parse_it - A python library for parsing multiple types of config files, envvars & command line arguments that takes the headache out of setting app configurations.
repo-supervisor - Scan your code for security misconfiguration, search for passwords and secrets. :mag:
deadshot - Deadshot is a Github pull request scanner to identify sensitive data being committed to a repository
ssh-crypt - This tool helps you to keep passwords inside your shell scripts safely
leaky-repo - Benchmarking repo for secrets scanning
yaml.el - YAML parser in Elisp
tartufo - Searches through git repositories for high entropy strings and secrets, digging deep into commit history
kscp - Kubernetes Secrets Control Plane
git-alerts - Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive files
LogixLibraries - Collections of Studio 5000 AOIs, UDTs, general design patterns, and sample programs.