Gitleaks is missing quite a few rules for the Microsoft ecosystem, including Visual Studio, Azure and Azure DevOps.

Microsoft used to have a competing product called credscan, but it was recently deprecated in favor of the GitHub Security offerings.

I've ported most of the rules from credscan to the gitleaks format and put them in a repo here:
https://github.com/jessehouwing/gitleaks-azur

Currently, Trivy traverses all paths and looks for all Gemfile.lock in a container image. However, the image sometimes has only Gemfile.lock and doesn't install gems listed in the Gemfile.lock. I think a gem should have *.gemspec file if it is installed. e.g. rake.gemspec has the information about rake.

To avoid false positives from Gemfile.lock, we are probably able to take advantage of `*

Hi & welcome to Scapy's github ! This page lists issues that you can try to fix if you want to start contributing to Scapy.

This list includes wishes and things added by the maintainers based on the issues that we get, but also issues marked with TODO or XXX that already exist in Scapy's code base (layers). If you want to contribute to the project you might just take care one of the bugs.

We need Vagrant docs, you can find it here https://github.com/NullArray/AutoSploit/tree/dev-beta/Vagrant

RustScan has an accessible mode, rustscan --accessible which should promise not to have any weird ASCII text in it.

Write CI that runs RustScan with --accessible a few times, with different flags / options and check the terminal output to see if it contains one of these:

1. [!]
2. [~]
3. [>]
4. | {}

If any of these characters appear in any of the tests, fail the CI. E

Describe the bug
In the docs found here:
https://bandit.readthedocs.io/en/latest/plugins/index.html#complete-test-plugin-listing

B109 and B111 show a description instead of a plugin name. This looks inconsistent since all the other plugin names are listed. I believe this is a result of a recent change to remove these deprecated plugins.

To Reproduce

1. Navigate to https://bandit

Description

If a provisioner cannot be accessed, e.g. OAuth server is down, allow step-ca to boot up with the remaining functioning provisioners. Probably this is already in the new management revamp but it's worth keeping an issue for this. @dopey could you confirm this?

Use case

This is part of my recent hiccups when bootstrapping a fully integrated server after a long power outag

Is there a way to skip the nmap scan and go straight to the attacking routes? In case i already know the target list is full of open rtsp port IPs.