
Roave / Securityadvisories

Licence: MIT
🔐 Security advisories as a simple composer exclusion list, updated daily

Projects that are alternatives to or similar to Securityadvisories

Crithit
Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (-92.01%)
Mutual labels:  infosec, security-vulnerability
Pentesting
Misc. Public Reports of Penetration Testing and Security Audits.
Stars: ✭ 24 (-98.95%)
Mutual labels:  infosec, security-vulnerability
Resources
A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Stars: ✭ 62 (-97.28%)
Mutual labels:  infosec, security-vulnerability
Slack Watchman
Monitoring your Slack workspaces for sensitive information
Stars: ✭ 159 (-93.02%)
Mutual labels:  infosec
Python Honeypot
OWASP Honeypot, Automated Deception Framework.
Stars: ✭ 160 (-92.98%)
Mutual labels:  infosec
Pwnshop
Exploit Development, Reverse Engineering & Cryptography
Stars: ✭ 167 (-92.67%)
Mutual labels:  infosec
Docker Security Images
🔐 Docker Container for Penetration Testing & Security
Stars: ✭ 172 (-92.45%)
Mutual labels:  infosec
Cachet
📛 An open source status page system for everyone.
Stars: ✭ 12,478 (+447.52%)
Mutual labels:  composer
Imall
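A WeChat store built on Laravel 5.2 and Vue.js 1.0, for getting familiar with using Laravel, Vuejs, Webpack and Gulp together; no longer maintained or updated. (Hosted on a 1MB single-core basic server, so please be patient while images load...)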
Stars: ✭ 168 (-92.63%)
Mutual labels:  composer
Telegram Bot Sdk
🤖 Telegram Bot API PHP SDK. Lets you build Telegram Bots easily! Supports Laravel out of the box.
Stars: ✭ 2,212 (-2.94%)
Mutual labels:  composer
Asnlookup
Leverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.
Stars: ✭ 163 (-92.85%)
Mutual labels:  infosec
Hprose Php
Hprose is a cross-language RPC. This project is Hprose 3.0 for PHP
Stars: ✭ 1,952 (-14.35%)
Mutual labels:  composer
Dymerge
🔓 A dynamic dictionary merger for successful dictionary based attacks.
Stars: ✭ 167 (-92.67%)
Mutual labels:  infosec
Pcmtowav
🎵 PHP implementation for converting PCM-format waveform files to WAV-format audio files
Stars: ✭ 160 (-92.98%)
Mutual labels:  composer
Smogcloud
Find cloud assets that no one wants exposed 🔎 ☁️
Stars: ✭ 168 (-92.63%)
Mutual labels:  infosec
Packages
Enhances Composer Satis with webhook integrations to GitHub and GitLab
Stars: ✭ 157 (-93.11%)
Mutual labels:  composer
Private Composer Installer
Composer install helper outsourcing sensitive keys from the package URL into environment variables
Stars: ✭ 168 (-92.63%)
Mutual labels:  composer
Cms
Modular CMS powered by CakePHP
Stars: ✭ 163 (-92.85%)
Mutual labels:  composer
Laravel Ecommerce
Laravel open source e-commerce system.
Stars: ✭ 163 (-92.85%)
Mutual labels:  composer
Hackthebox
Notes Taken for HTB Machines & InfoSec Community.
Stars: ✭ 167 (-92.67%)
Mutual labels:  infosec

Roave Security Advisories


This package ensures that your application doesn't have installed dependencies with known security vulnerabilities.

Installation

composer require --dev roave/security-advisories:dev-latest

Usage

This package does not provide any API or usable classes: its only purpose is to prevent installation of software with known and documented security issues. Simply add "roave/security-advisories": "dev-latest" to your composer.json "require-dev" section and you will not be able to harm yourself with software with known security vulnerabilities.

For example, try the following:

composer require --dev roave/security-advisories:dev-latest
# following commands will fail:
composer require symfony/symfony:2.5.2
composer require zendframework/zendframework:2.3.1 

The checks are only executed when adding a new dependency via composer require or when running composer update: deploying an application with a valid composer.lock via composer install won't trigger any security version checks.

You can manually trigger a version check, without changing anything, by using the --dry-run switch on an update. Running composer update --dry-run roave/security-advisories is an effective way to do so.
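
An added example (not code from this project): a Python sketch of the gap described above, checking the versions pinned in a composer.lock against Composer conflict-style constraints, which composer install alone will not do. The package names, lock contents and ranges are constructed for illustration, and the parser is an assumption-level simplification that handles only plain numeric versions with >=, >, <=, < and = joined by "," (AND) and "|" (OR).

```python
import json
import re

# Constructed conflict map in the style of a Composer "conflict" section.
# Package names and ranges are illustrative only, not real advisory data.
CONFLICTS = {
    "acme/framework": ">=2.0,<2.5.4|>=2.6,<2.6.3",
    "acme/mailer": "<1.4.2",
}

# Constructed composer.lock excerpt (only the fields the check reads).
LOCK_JSON = """{
  "packages": [{"name": "acme/framework", "version": "v2.5.2"},
               {"name": "acme/mailer", "version": "1.4.2"}],
  "packages-dev": [{"name": "acme/tools", "version": "dev-main"}]
}"""

OPS = {">=": lambda a, b: a >= b, "<=": lambda a, b: a <= b,
       ">": lambda a, b: a > b, "<": lambda a, b: a < b,
       "=": lambda a, b: a == b}

def parse_version(text, width=4):
    """Turn 'v2.5.2' into (2, 5, 2, 0); return None for non-numeric versions."""
    if not re.fullmatch(r"v?\d+(\.\d+)*", text):
        return None
    parts = [int(p) for p in text.lstrip("v").split(".")]
    return tuple(parts + [0] * (width - len(parts)))

def matches(version, constraint):
    """True if version satisfies every ',' part of any '|' alternative."""
    v = parse_version(version)
    if v is None:          # e.g. 'dev-main': cannot be compared, so not flagged
        return False
    for alternative in constraint.split("|"):
        checks = re.findall(r"(>=|<=|>|<|=)\s*(\d+(?:\.\d+)*)", alternative)
        if checks and all(OPS[op](v, parse_version(n)) for op, n in checks):
            return True
    return False

def audit_lock(lock_text, conflicts):
    """List (name, version) of locked packages that fall in a conflict range."""
    lock = json.loads(lock_text)
    locked = lock.get("packages", []) + lock.get("packages-dev", [])
    return [(p["name"], p["version"]) for p in locked
            if p["name"] in conflicts and matches(p["version"], conflicts[p["name"]])]

if __name__ == "__main__":
    for name, version in audit_lock(LOCK_JSON, CONFLICTS):
        print(f"{name} {version} is inside an excluded range")
```

In a real pipeline the authoritative check remains composer update --dry-run roave/security-advisories, since Composer's own solver understands the full constraint syntax.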

roave/security-advisories for enterprise

Available as part of the Tidelift Subscription.

The maintainers of roave/security-advisories and thousands of other packages are working with Tidelift to deliver commercial support and maintenance for the open source dependencies you use to build your applications. Save time, reduce risk, and improve code health, while paying the maintainers of the exact dependencies you use.

You can also contact us at [email protected] to look into security issues in your own project.

Stability

This package can only be required in its dev-latest version: there will never be stable/tagged versions because of the nature of the problem being targeted. Security issues are in fact a moving target, and locking your project to a specific tagged version of the package would not make any sense.

This package is therefore only suited for installation in the root of your deployable project.

Sources

This package extracts information about existing security issues in various composer projects from the FriendsOfPHP/security-advisories repository and the GitHub Advisory Database.
