Showing results for tags 'security/vulnerability/risk'.

Found 2 results

  1. The Hawkeye scanner-cli is a project security, vulnerability and general risk highlighting tool. It is meant to be integrated into your pre-commit hooks and your pipelines.

     • Designed to be entirely extensible by just adding new modules with the correct signature to lib/modules
     • Modules return results via a common interface, which permits consolidated reporting and artifact generation
     • Should be very easy to run regardless of the type of project that you’re scanning

     Modules

     Modules are basically little bits of code that either implement their own logic, or wrap a third party tool and standardise the output. They only run if the required criteria are met. For example: the npm outdated module would only run if a package.json is detected in the scan target – as a result, you don’t need to tell Hawkeye what type of project you are scanning.

     Generic Modules
     • files-ccnumber: Scans for suspicious file contents that are likely to contain credit card numbers
     • files-contents: Scans for suspicious file contents that are likely to contain secrets
     • files-entropy: Scans files for strings with high entropy that are likely to contain passwords. Entropy scanning is disabled by default because of the high number of false positives. It is useful to scan codebases every now and then for keys, in which case please run it using the -m files-entropy switch.
     • files-secrets: Scans for suspicious filenames that are likely to contain secrets

     Java
     • java-find-secbugs: Finds common security issues in Java code with findsecbugs
     • java-owasp: Scans Java projects for gradle/maven dependencies with known vulnerabilities with the OWASP dependency checker

     Node.js
     • node-crossenv: Scans node projects for known malicious crossenv dependencies
     • node-npmaudit: Checks node projects for dependencies with known vulnerabilities with npm audit
     • node-npmoutdated: Checks node projects for outdated npm modules with npm outdated

     PHP
     • php-security-checker: Checks whether the composer.lock contains dependencies with known vulnerabilities using security-checker

     Python
     • python-bandit: Scans for common security issues in Python code with bandit.
     • python-piprot: Scans python dependencies for out of date packages with piprot
     • python-safety: Checks python dependencies for known security vulnerabilities with the safety tool.

     Ruby
     • ruby-brakeman: Statically analyzes Rails code for security issues with Brakeman.
     • ruby-bundler-scan: Scans for Ruby gems with known vulnerabilities using bundler

     Adding a module

     If you have an idea for a module, please feel free to open a feature request in the issues section. If you have a bit of time left, please consider sending us a pull request. To see modules work, please head over to the modules folder to find how things are working.
  2. The Hawkeye scanner-cli is a project security, vulnerability and general risk highlighting tool. It is meant to be integrated into your pre-commit hooks and your pipelines.

     • Designed to be entirely extensible by just adding new modules with the correct signature to lib/modules
     • Modules return results via a common interface, which permits consolidated reporting and artefact generation
     • Should be very easy to run regardless of the type of project that you’re scanning

     How it works

     Hawkeye is designed to be extensible by adding modules and writers.
     • Add modules in the modules folder.
     • Add writers in the writers folder.

     Modules

     Modules are basically little bits of code that either implement their own logic, or wrap a third party tool and standardise the output. They only run if the required criteria are met. For example: the npm outdated module would only run if a package.json is detected in the scan target – as a result, you don’t need to tell Hawkeye what type of project you are scanning.

     Generic Modules
     • files-ccnumber: Scans for suspicious file contents that are likely to contain credit card numbers
     • files-contents: Scans for suspicious file contents that are likely to contain secrets
     • files-entropy: Scans files for strings with high entropy that are likely to contain passwords. Entropy scanning is disabled by default because of the high number of false positives. It is useful to scan codebases every now and then for keys, in which case please run it using the -m files-entropy switch.
     • files-secrets: Scans for suspicious filenames that are likely to contain secrets

     Java
     • java-find-secbugs: Finds common security issues in Java code with findsecbugs
     • java-owasp: Scans Java projects for gradle/maven dependencies with known vulnerabilities with the OWASP dependency checker

     Node.js
     • node-crossenv: Scans node projects for known malicious crossenv dependencies
     • node-npmaudit: Checks node projects for dependencies with known vulnerabilities with npm audit
     • node-npmoutdated: Checks node projects for outdated npm modules with npm outdated

     PHP
     • php-security-checker: Checks whether the composer.lock contains dependencies with known vulnerabilities using security-checker

     Python
     • python-bandit: Scans for common security issues in Python code with bandit.
     • python-piprot: Scans python dependencies for out of date packages with piprot
     • python-safety: Checks python dependencies for known security vulnerabilities with the safety tool.

     Ruby
     • ruby-brakeman: Statically analyzes Rails code for security issues with Brakeman.
     • ruby-bundler-scan: Scans for Ruby gems with known vulnerabilities using bundler

     Adding a module

     If you have an idea for a module, please feel free to open a feature request in the issues section. If you have a bit of time left, please consider sending us a pull request. To see modules work, please head over to the modules folder to find how things are working.

     Changelog v1.6
     • Update OWASP dependency check and bundle-audit at build time, no updates at runtime
     • Remove the superfluous node-crossenv module
     • Use temporary file for brakeman report instead of spamming the target folder
     • Use temporary file for findsecbugs report instead of spamming the target folder
     • Remove floating ruby dependencies