symfonycorp / Security Checker Action

The PHP Security Checker

PHP Security Checker

This action checks your composer.lock for known vulnerabilities in your package dependencies.

Inputs

  • composer optional The path to the composer.lock file (defaults to the repository root directory).
  • disable-exit-code optional Set it to 1 if you don't want the step to fail when vulnerabilities are detected.

Outputs

  • vulns A JSON payload containing all detected vulnerabilities

Usage

If you want the step to fail whenever there is a security issue in one of your dependencies, use this action:

steps:
    - uses: actions/[email protected]
    - uses: symfonycorp/[email protected]

To speed up security checks, you can cache the vulnerability database:

steps:
    - uses: actions/[email protected]
    - uses: actions/[email protected]
      id: cache-db
      with:
          path: ~/.symfony/cache
          key: db
    - uses: symfonycorp/[email protected]

If the composer.lock is not in the repository root directory, pass it as an input:

steps:
    - uses: actions/[email protected]
    - uses: symfonycorp/[email protected]
      with:
          lock: subdir/composer.lock

Instead of failing, you can also get the vulnerabilities as a JSON output and do something with them in another step:

steps:
    - uses: actions/[email protected]
    - uses: symfonycorp/[email protected]
      with:
          disable-exit-code: 1
      id: security-check
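    - name: Display the vulnerabilities as JSON
      # Pass the output through an environment variable so the JSON is not
      # expanded into the shell script text (its quotes would be mangled).
      env:
          VULNS: ${{ steps.security-check.outputs.vulns }}
      run: echo "$VULNS"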
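
One way a later step could act on the vulns output when disable-exit-code is 1, as an added example that is not part of the action's own documentation: it fails the job only for advisories that have not been explicitly accepted, and fails closed when the payload cannot be parsed. The payload shape, the VULNS and ACCEPTED_ADVISORIES environment variable names, and the sample advisories are assumptions constructed for illustration.

```python
import json
import os
import sys

# Constructed sample payload. The shape (package name -> version + advisories
# carrying title/link/cve) is an assumption about the `vulns` output.
SAMPLE = json.dumps({"vendor/http-lib": {"version": "1.2.3", "advisories": [
    {"title": "Header injection", "link": "https://example.test/a1", "cve": "CVE-0000-0001"},
    {"title": "Open redirect", "link": "https://example.test/a2", "cve": ""},
]}})


def unaccepted_findings(payload, accepted=frozenset()):
    """Return (package, version, advisory id, link) for advisories not in `accepted`.

    Raises ValueError for an empty, malformed or unexpectedly shaped payload,
    so a broken check is never mistaken for a clean one.
    """
    data = json.loads(payload)  # JSONDecodeError is a ValueError subclass
    if data == {} or data == []:  # explicit "nothing reported"
        return []
    if not isinstance(data, dict):
        raise ValueError("unexpected vulns payload shape")
    findings = []
    for package, info in sorted(data.items()):
        if not isinstance(info, dict):
            raise ValueError(f"unexpected entry for {package}")
        for adv in info.get("advisories", []):
            # Advisories without a CVE are identified by their title.
            ident = adv.get("cve") or adv.get("title", "unknown")
            if ident not in accepted:
                findings.append((package, info.get("version", "?"), ident, adv.get("link", "")))
    return findings


if __name__ == "__main__":
    # ACCEPTED_ADVISORIES: comma-separated ids the team has reviewed and accepted.
    accepted = set(filter(None, os.environ.get("ACCEPTED_ADVISORIES", "").split(",")))
    try:
        found = unaccepted_findings(os.environ.get("VULNS", ""), accepted)
    except ValueError as exc:
        sys.exit(f"security check result unusable: {exc}")
    for package, version, ident, link in found:
        print(f"{package} {version}: {ident} {link}")
    sys.exit(1 if found else 0)
```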