security-tools

Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.

It would be nice if lynis would gather (and report in the portal/reports) information about user-accounts:

Expired or soon to expire passwords (passwd -e)
Locked accounts (passwd -S )
Expired accounts (chage -E / chage -l )

Is your feature request related to a problem? Please describe.
I would like to be able to whitelist a commit within the rule. Furthermore, I would like the ability to have multiple whitelists for commits so I can add more descriptive tags from which repo the commit lives etc.

Describe the solution you'd like

[[rules]]
	description = "AWS Secret Key"
	regex = '''(?i)aws(.{0,20}

Trivy has client/server mode and the server provides some endpoints. It would be useful if it provides /healthz that returns status code 200 and simply "ok" in the case of running Trivy server in k8s cluster. Ideally, we should check the download of the DB, but it is enough to simply return 200 as a first step.

$ trivy server
2020-06-23T11:27:59.747+0300    INFO    Listening localhost:4

We need Vagrant docs, you can find it here https://github.com/NullArray/AutoSploit/tree/dev-beta/Vagrant

Describe the bug
In the docs found here:
https://bandit.readthedocs.io/en/latest/plugins/index.html#complete-test-plugin-listing

B109 and B111 show a description instead of a plugin name. This looks inconsistent since all the other plugin names are listed. I believe this is a result of a recent change to remove these deprecated plugins.

To Reproduce

Navigate to https://bandit

Would be awesome if it would be possible to save the found streams to a M3U file, compatible with VLC. An example template of a valid M3U file is the following:

#EXTM3U
#EXTINF:-1 tvg-id="" tvg-name="" tvg-language="" tvg-logo="" tvg-country="" tvg-url="" group-title="",[IP AND CHANNELID HERE FOR NAME]
rtsp://192.168.0.5/route/to/stream/here

#EXTINF:-1 tvg-id="" tvg-name="" tvg-langua

What would you like to be added

Add support for a DynamoDB storage backend. Although MySQL is available, it would require to run a RDS Instance for it. Extra costs, backup considerations, etc. Even with Aurora Serverless.

DynamoDB is just there, scales as needed with OnDemand pricing and has fine backup capabilities.

Why this is needed

We plan to run step-ca in AWS ECS on Farga

Describe the solution you'd like
Progress bars that show progress would be neato

Additional context
https://crates.io/crates/indicatif

Aug	SEP	Oct
	05
2019	2020	2021

security-tools

Here are 1,755 public repositories matching this topic...

future-architect / vuls

CISOfy / lynis

zricethezav / gitleaks

presidentbeef / brakeman

secdev / scapy

fail2ban / fail2ban

toniblyx / my-arsenal-of-aws-security-tools

aquasecurity / trivy

NullArray / AutoSploit

atinfo / awesome-test-automation

microsoft / ApplicationInspector

securego / gosec

guardicore / monkey

trimstray / htrace.sh

google / syzkaller

drk1wi / Modlishka

toniblyx / prowler

PyCQA / bandit

urbanadventurer / WhatWeb

j3ssie / Osmedeus

OlivierLaflamme / Cheatsheet-God

WhaleShark-Team / cobra

Ullaakut / cameradar

smallstep / certificates

What would you like to be added

Why this is needed

toolswatch / blackhat-arsenal-tools

RustScan / RustScan

mzet- / linux-exploit-suggester

KuroLabs / stegcloak

k8gege / Ladon

jakejarvis / awesome-shodan-queries