wazuh-ruleset
flake8-bandit
Our great sponsors
wazuh-ruleset | flake8-bandit | |
---|---|---|
1 | 3 | |
319 | 111 | |
- | - | |
4.7 | 0.0 | |
over 2 years ago | 8 months ago | |
Python | Python | |
- | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
wazuh-ruleset
-
Windows events alerts with Wazuh
In this repository https://github.com/wazuh/wazuh-ruleset you can find the decoders and rules that wazuh-manager has by default (all these files are being migrated to the repository wazuh/wazuh https://github.com/wazuh/wazuh).
flake8-bandit
-
The Ruff python linter is insanely good
flake8-bandit uses bandit behind the scenes: https://github.com/tylerwince/flake8-bandit/blob/main/flake8_bandit.py ruff doesn't and implements the rules directly
-
Python toolkits
flake8-black which uses black for code formatting check.
-
Hardening and Simplifying Python's urlopen
A little disturbing, yes? Bandit agrees. Perhaps you want to consider scanning with that security tool or its related flake8 plugin.
What are some alternatives?
sigma - Main Sigma Rule Repository
bandit - Bandit is a tool designed to find common security issues in Python code.
Fail2Ban - Daemon to ban hosts that cause multiple authentication errors
vulnerablecode - A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/
openscap - NIST Certified SCAP 1.2 toolkit
gosec - Go security checker
openwisp-monitoring - Network monitoring system written in Python and Django, designed to be extensible, programmable, scalable and easy to use by end users: once the system is configured, monitoring checks, alerts and metric collection happens automatically.
content - Security automation content in SCAP, Bash, Ansible, and other formats
loglizer - A machine learning toolkit for log-based anomaly detection [ISSRE'16]
monkey - Infection Monkey - An open-source adversary emulation platform
Check-WP-CVE-2020-35489 - The (WordPress) website test script can be exploited for Unlimited File Upload via CVE-2020-35489