Repositories list

• Essential8-SDLC

  Public
  Software supply chain and the Essential 8 - How to evolve Essential 8 for the modern world

  1•4•0•0•Updated Dec 2, 2023Dec 2, 2023

• app.cheapcryptobank.com

  Public
  Cheap Crypto Bank App source code

  JavaScript

  •31•2•1•1•Updated Nov 21, 2023Nov 21, 2023

• visualizing-software-supply-chain

  Public
  A project to visualize the software supply chain

  MIT License

  •14•36•0•0•Updated Sep 9, 2023Sep 9, 2023

• actions-exposure

  Public
  A GitHub Action that scans your public web applications after every deployment. Add this to your dev, staging and prod steps and SecureStack will make sure that what you've just deployed is secure and meets your requirements.

  deploymentweb-applicationdynamic-analysis+ 13web-vulnerability-scannervulnerability-detectionsoftware-composition-analysisvulnerability-scanningcloud-securitydeployment-pipelinedeployment-automation+ 6

  GNU General Public License v3.0

  •5•24•0•0•Updated Jun 7, 2023Jun 7, 2023

• actions-all-in-one

  Public
  All of our GitHub Actions rolled into one. Or as we like to say: One GitHub Action to rule them all!

  web-vulnerability-scannervulnerability-detectionsecurity-automation+ 9devsecopssoftware-composition-analysisvulnerability-scanningvulnerability-scannerdeployment-pipelinegithub-actionssecret-scanning+ 2

  GNU General Public License v3.0

  •6•21•0•0•Updated Jun 7, 2023Jun 7, 2023

• actions-secrets

  Public
  Adding this GitHub Action will scan your repository for sensitive data in your source code. We find things like passwords, server host strings, API keys, .env and config files and more

  deploymentactionssecrets-scan+ 10vulnerability-detectionsecrets-detectionsecrets-discovery-servicesecrets-scannersecuritysecretssecurity-automation+ 3

  GNU General Public License v3.0

  •4•30•0•0•Updated Jun 7, 2023Jun 7, 2023

• actions-sbom

  Public
  A GitHub Action that creates a SBOM from your application so you can meet compliance and security requirements. Add this to your dev, staging and prod steps and SecureStack will make sure that what you've just deployed is secure and meets your requirements, and has the SBOM to show it!

  securitysecurity-auditdeployment+ 10osecurity-automationbill-of-materialsautomation-testingdeployment-automationsbomsbom-generator+ 3

  GNU General Public License v3.0

  •3•25•0•0•Updated Jun 7, 2023Jun 7, 2023

• actions-abom

  Public
  SecureStack Application Bill of Materials (ABOM/SBOM)

  securitysecurity-auditautomation+ 6deploymentsecurity-automationbill-of-materialsautomation-testingsbomabom

  GNU General Public License v3.0

  •2•13•0•0•Updated Aug 26, 2022Aug 26, 2022

• AECHAM

  Public
  Application Environment Composition and Hierarchy Abstraction Model

  GNU General Public License v3.0

  •0•0•0•0•Updated May 9, 2022May 9, 2022

• actions-log4j

  Public
  A GitHub Action that scans your public web applications for log4j vulnerabilities after every deployment. Add this to your dev, staging and prod steps and SecureStack will make sure that what you've just deployed is secure and meets your requirements.

  javalog4jstatic-analysis+ 17java8vulnerabilitieslog4jsvulnerability-assessmentlog4j2jresoftware-composition-analysis+ 10

  GNU General Public License v3.0

  •2•15•0•0•Updated Apr 9, 2022Apr 9, 2022

• actions-code

  Public
  A GitHub Action for using SecureStack to analyse a repository codebase for vulnerabilities in library dependencies (software composition analysis).

  deploymentvulnerability-detectionsecurity-automation+ 8security-toolssoftware-composition-analysisvulnerability-scannerdeployment-pipelinedeployment-automationsecuritydevsecops+ 1

  GNU General Public License v3.0

  •2•22•0•0•Updated Apr 9, 2022Apr 9, 2022

• accesspress-mitigation

  Public
  Resources to mitigate the AccessPress Theme vulnerabilities

  GNU General Public License v3.0

  •0•1•0•0•Updated Jan 23, 2022Jan 23, 2022

• application-composition-graph

  Public
  This is a description and example of a the concept of an "Application Composition Graph". This graph can be visually represented in a graph format, but more importantly it can be represented in JSON.

  GNU General Public License v3.0

  •0•1•0•0•Updated Dec 27, 2021Dec 27, 2021

• securestack-chrome-extension

  Public
  SecureStack Chrome Extension

  JavaScript

  •

  GNU General Public License v2.0

  •0•0•0•0•Updated Dec 21, 2021Dec 21, 2021

• actions

  Public
  A set of GitHub actions for checking your application for vulnerabilities

  actionssecurestack

  Shell

  •

  GNU General Public License v3.0

  •0•0•0•0•Updated Nov 29, 2021Nov 29, 2021

• SAT4L

  Public
  Security Automation Toolkit for Linux

  0•0•0•0•Updated Jan 12, 2020Jan 12, 2020