Git Product home page Git Product logo

piypil / lun903 Goto Github PK

View Code? Open in Web Editor NEW
1.0 1.0 0.0 23.94 MB

Совместное использование инструментов SAST, DAST и SCA для повышения эффективности обнаружения и устранения уязвимостей программных модулей ─=≡Σ((( つ><)つ📊📊📊

License: MIT License

Python 34.23% HTML 1.40% CSS 1.26% TypeScript 54.95% Shell 6.24% Dockerfile 1.91%
dast pet-project python sast security

lun903's Introduction

lun903's People

Contributors

kigoribu avatar piypil avatar safdtgx avatar semgrep-bot avatar

Stargazers

avatar

Watchers

avatar

lun903's Issues

GIT

Add the ability to scan with git

ZAP

  1. Get to know ZAP. Take a training course. URL
  2. Pick up Mutillidae II or WebGoat
  3. Provide a minimal free-form report on vulnerabilities in these applications and attach this issue

CodeQL

Разработать план внедрения CodeQL

Django

Create a basic Django cascade. With an initial loading page.

Backend (progress_queue, progress)

Global variables (progress_queue, progress) in views are best avoided (need to change code, delete). We need to change the process of displaying downloads completely.

Research

Need to review Commercial projects and grow their idea of creating a loading page. Provide everything in a minimal report and attach it to the issue

I'm attaching the link - click. You'll find a lot of projects there. Choose the ones you think are the most interesting.

TON Connect

implement authentication based on TON Connect

Backend (OWASP ZAP)

Change display ->

  • 1. Use docker ZAP
  • 2. Take results from docker ZAP and save to Postgres
  • 3. Display results via Backend Django (API)

First Step

  • - Set up the database. PostgreSQL
  • - Make a function that will receive a package (ZIP) from the frontend. And send it for scanning (bandit). The ZIP archive must be placed in the database.
  • - Get information and enter it into the database from bandit. Use bandit application for testing
  • - All this information on scanning should be transferred to the frontend.
  • - If there will be time in kamille, add SAST Open surce for Java and GO

Bandit script should be placed only in kamille.

Improve DAST functionality

  • Make 2 scanning options, fast and full scanning
  • Advanced settings -> ability to pass authentication parameters

TON scan

Develop options for the implementation of samrt contract analysis on TON

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.