Name: LunaSec
Type: Organization
Bio: Easily detect and fix security issues like Log4Shell with LunaSec's Open Source security tools. Come join the hundreds of companies already using LunaSec!
Twitter: LunaSecIO
Location: United States of America
Blog: https://www.lunasec.io
LunaSec's Projects
Dockerized POC for CVE-2022-42889 Text4Shell (with LunaSec research notes)
A Common Weakness Enumeration (CWE) Node.js SDK compliant with MITRE / CAPEC
An intentionally vulnerable Javascript app containing notable vulnerabilities in its dependencies.
Damn Vulnerable Java (EE) Application
A vulnerability scanner for container images and filesystems
LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/
Generate a Snyk dependency tree from package-lock.json or yarn.lock file
Spring Boot web application vulnerable to Log4Shell (CVE-2021-44228) and the possible Spring RCE vulnerability.
This is a dockerized application that is vulnerable to the Spring4Shell vulnerability (CVE-2022-22965).
CLI tool and library for generating a Software Bill of Materials from container images and filesystems
Intentionally vulnerable apps that are used to test LunaTrace.
Yarn 2 plugin to create a separate lockfile per workspace