GitLab CI jobs unmasked passwords scanner
https://github.com/Whitespots-OU/gitlab-ci-secrets
#tools #secrets #devsecops
https://github.com/Whitespots-OU/gitlab-ci-secrets
#tools #secrets #devsecops
GitHub
GitHub - Whitespots-OU/gitlab-ci-secrets: Gitlab CI jobs stdout secrets finder
Gitlab CI jobs stdout secrets finder. Contribute to Whitespots-OU/gitlab-ci-secrets development by creating an account on GitHub.
DevSecOps pipelines
— Secrets scan
— Code scan
— Dependency check (code libraries + image packages)
— DAST
— Exposures check
Pipelines:
https://gitlab.com/whitespots-public/pipelines
Security scanners:
https://gitlab.com/whitespots-public/security-images
Example project integration:
https://gitlab.com/whitespots-public/vulnerable-python-app
#appsec #devsecops #pipelines
— Secrets scan
— Code scan
— Dependency check (code libraries + image packages)
— DAST
— Exposures check
Pipelines:
https://gitlab.com/whitespots-public/pipelines
Security scanners:
https://gitlab.com/whitespots-public/security-images
Example project integration:
https://gitlab.com/whitespots-public/vulnerable-python-app
#appsec #devsecops #pipelines
🔥3👍2
🎁 Application Security Pipelines
(Now with guides)
Scan your code, infrastructure configs and domains with many open source scanners.
Currently supported: trufflehog, gitleaks, bandit, gosec, spotbugs, terrascan, hadolint, retirejs, eslint, phpcs, sonarqube integration, semgrep, arachni, zap, subfinder, nuclei..
All reports will be passed to defectdojo
Guides:
https://github.com/Whitespots-OU/DevSecOps-Pipelines
Integration examples:
https://gitlab.com/whitespots-public/vulnerable-apps
#appsec #devsecops #pipelines
(Now with guides)
Scan your code, infrastructure configs and domains with many open source scanners.
Currently supported: trufflehog, gitleaks, bandit, gosec, spotbugs, terrascan, hadolint, retirejs, eslint, phpcs, sonarqube integration, semgrep, arachni, zap, subfinder, nuclei..
All reports will be passed to defectdojo
Guides:
https://github.com/Whitespots-OU/DevSecOps-Pipelines
Integration examples:
https://gitlab.com/whitespots-public/vulnerable-apps
#appsec #devsecops #pipelines
👍4🔥2
It’s a really powerful security automation platform for those of us who are working on defense side.
🚀 The platform solves such problems as:
— Issues deduplication (within incremental scans + between different scanners using rules);
— Automated verification (using rules);
— Automated resolving (if the issue doesn’t exist in a new report);
— Running of custom tools in a sequence (like Subfinder -> Naabu -> Httpx-> Nuclei);
— Sequences scheduling.
🔗 Source:
https://gitlab.com/whitespots-public/appsec-portal
#devsecops #sast #dast #osa #automation
Please open Telegram to view this post
VIEW IN TELEGRAM
YouTube
How to automate vulnerability scanning process?
Use Whitespots Appliation Security portal to quickly discover vulnerabilities within a few clicks
🔥7❤🔥4👎2