github-leak-audit
faraday
| github-leak-audit | faraday | |
|---|---|---|
| 1 | 8 | |
| 9 | 4,642 | |
| - | 1.8% | |
| 0.0 | 5.0 | |
| 12 months ago | 18 days ago | |
| Python | Python | |
| GNU Affero General Public License v3.0 | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
github-leak-audit
-
Thinking Like a Hacker: Finding Source Code Leaks on GitHub
One is an app I developed to be published alongside this blog post: https://github.com/lawndoc/github-leak-audit. The app uses GitHub’s API to monitor all your GitHub organization members’ personal public repos for potential leaks. It is specifically targeted for the accidental leak scenario described in this blog post. It will detect previously unknown code and new repos. To set it up in your organization, you’ll need to fork the repo under your organization’s ownership, set up a GitHub app or PAT secret for it, and enable the GitHub Actions workflow. Detailed instructions are in the README.
faraday
-
Penetration Testing Report
or you can also use our open source version: https://github.com/infobyte/faraday
-
Vulnerability Scanner
you can try www.faradaysec.com to manage and automate scans of different tools
-
How does the periodic cyber security report should look like?
maybe you could try Faraday (www.faradaysec.com), you can import your tools and generate reports
-
Merge vulnerability discoveries with manual vulnerability assessment
We produce a platform to do basically all of this, we even have an Open Source tier that might cover most of your needs. Check faraday if it fits your bill. Reporting capabilities, integration with ticketing systems such as JIRA, ServiceNow and Gitlab are in our paid tier.
-
What vulnerability management tool for modern DevSecOps?
We just released the new community version of faraday, I think we cover most of your workflow needs. We are also releasing a number of new plugins, like prowler and trivy in the next few days.
-
Recommendation for Vulnerability Management Solution
Faraday: https://github.com/infobyte/faraday
-
django-DefectDojo VS faraday - a user suggested alternative
2 projects | 5 Apr 2022
Similar product
-
Awesome Penetration Testing
Faraday - Multiuser integrated pentesting environment for red teams performing cooperative penetration tests, security audits, and risk assessments.
What are some alternatives?
cicd-goat - A deliberately vulnerable CI/CD environment. Learn CI/CD security through multiple challenges.
django-DefectDojo - DevSecOps, ASPM, Vulnerability Management. All on one platform.
WALKOFF - A flexible, easy to use, automation framework allowing users to integrate their capabilities and devices to cut through the repetitive, tedious tasks slowing them down. #nsacyber
opencve - CVE Alerting Platform
apicheck - The DevSecOps toolset for REST APIs
Metasploit - Metasploit Framework
goose - A robot for mapping github events into actionable HTTP payloads
cervantes - Cervantes is an open-source, collaborative platform designed specifically for pentesters and red teams. It serves as a comprehensive management tool, streamlining the organization of projects, clients, vulnerabilities, and reports in a single, centralized location.
dockerfile-security - Static security checker for Dockerfiles
evilgrade - Evilgrade is a modular framework that allows the user to take advantage of poor upgrade implementations by injecting fake updates.
git-alerts - Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive files
WebMap - WebMap-Nmap Web Dashboard and Reporting