Search Results for "coverage"

... a combination of agent-based inspection and agent-less monitoring to provide the widest possible coverage to detect threats. ThreatMapper carries on the good 'shift left' security practices that you already employ in your development pipelines. It continues to monitor running applications against emerging software vulnerabilities and monitors the host and cloud configuration against industry-expert benchmarks.

GmSSL is an open source library of domestic commercial ciphers independently developed by Peking University. It realizes comprehensive functional coverage of national secret algorithms, standards, and secure communication protocols. It supports mainstream operating systems and processors including mobile terminals, and supports cryptographic keys, Cipher cards and other typical domestic cryptographic hardware provide feature-rich command line tools and multiple compiled language programming...

The SpotBugs plugin for security audits of Java web applications. Find Security Bugs is the SpotBugs plugin for security audits of Java web applications. It can detect 141 different vulnerability types with over 823 unique API signatures. Cover popular frameworks including Spring-MVC, Struts, Tapestry and many more. Plugins are available for Eclipse, IntelliJ / Android Studio and NetBeans. Command line integration is available with Ant and Maven. Can be used with systems such as Jenkins and...

... multiple coverage guided fuzzing engines (libFuzzer, AFL, AFL++ and Honggfuzz) for optimal results (with ensemble fuzzing and fuzzing strategies). Statistics for analyzing fuzzer performance, and crash rates. Easy to use web interface for management and viewing crashes. Support for various authentication providers using Firebase.

GitHub Action for license compliance: Python, JavaScript, iOS, Android and more. Detect license names and types for Python PyPI packages. Identify license types for given license names obtained by third-party tools. Great coverage of free/libre and open source licenses of all types: public domain, permissive, copyleft. Check explicit Python dependencies list for copyleft licenses. Check all packages including transitive dependencies. Check CSV file generated by JavaScript license-checker...

Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent dedicated for containerized environments written in Golang and built on top of Merlin project by Russel Van Tuyl. While researching Docker and Kubernetes, we noticed that most of the tools available today are aimed at passive scanning for vulnerabilities in the cluster, and there is a lack of more complex attack vector coverage. They might allow you to see the problem but not exploit it. It is important...