security-tools

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

It would be nice if lynis would gather (and report in the portal/reports) information about user-accounts:

Expired or soon to expire passwords (passwd -e)
Locked accounts (passwd -S )
Expired accounts (chage -E / chage -l )

A great resource of various types of sensitive keys can be found here: https://gist.github.com/EdOverflow/8bd2faad513626c413b8fc6e9d955669

Trivy has client/server mode and the server provides some endpoints. It would be useful if it provides /healthz that returns status code 200 and simply "ok" in the case of running Trivy server in k8s cluster. Ideally, we should check the download of the DB, but it is enough to simply return 200 as a first step.

$ trivy server
2020-06-23T11:27:59.747+0300    INFO    Listening localhost:4

We need Vagrant docs, you can find it here https://github.com/NullArray/AutoSploit/tree/dev-beta/Vagrant

Describe the bug
In the docs found here:
https://bandit.readthedocs.io/en/latest/plugins/index.html#complete-test-plugin-listing

B109 and B111 show a description instead of a plugin name. This looks inconsistent since all the other plugin names are listed. I believe this is a result of a recent change to remove these deprecated plugins.

To Reproduce

Navigate to https://bandit

Would be awesome if it would be possible to save the found streams to a M3U file, compatible with VLC. An example template of a valid M3U file is the following:

#EXTM3U
#EXTINF:-1 tvg-id="" tvg-name="" tvg-language="" tvg-logo="" tvg-country="" tvg-url="" group-title="",[IP AND CHANNELID HERE FOR NAME]
rtsp://192.168.0.5/route/to/stream/here

#EXTINF:-1 tvg-id="" tvg-name="" tvg-langua

What would you like to be added

Add support for a DynamoDB storage backend. Although MySQL is available, it would require to run a RDS Instance for it. Extra costs, backup considerations, etc. Even with Aurora Serverless.

DynamoDB is just there, scales as needed with OnDemand pricing and has fine backup capabilities.

Why this is needed

We plan to run step-ca in AWS ECS on Farga

Describe the bug
We have doc comments in the code, but we're not appearing on https://docs.rs

I believe we should automatically be added when we publish to Cargo, in this case we are not.

To Reproduce
https://docs.rs/releases/search?query=rustscan

Expected behavior
We appear on the docs site.

security-tools

Here are 1,723 public repositories matching this topic...

future-architect / vuls

CISOfy / lynis

zricethezav / gitleaks

presidentbeef / brakeman

secdev / scapy

fail2ban / fail2ban

toniblyx / my-arsenal-of-aws-security-tools

aquasecurity / trivy

NullArray / AutoSploit

atinfo / awesome-test-automation

microsoft / ApplicationInspector

securego / gosec

guardicore / monkey

trimstray / htrace.sh

google / syzkaller

drk1wi / Modlishka

toniblyx / prowler

PyCQA / bandit

urbanadventurer / WhatWeb

j3ssie / Osmedeus

OlivierLaflamme / Cheatsheet-God

WhaleShark-Team / cobra

Ullaakut / cameradar

toolswatch / blackhat-arsenal-tools

smallstep / certificates

What would you like to be added

Why this is needed

mzet- / linux-exploit-suggester

RustScan / RustScan

KuroLabs / stegcloak

k8gege / Ladon

jakejarvis / awesome-shodan-queries