Implement SAST + DAST through Github actions

Syed Umar Arfeen

Last update: Nov 9, 2022

Related tags

Third-party APIs Wrappers sast-dast

Overview

Implement SAST + DAST through Github actions

The repository is supposed to implement SAST+DAST checks using github actions against a vulnerable python application which allows RCE. Goal is to detect it before it gets pushed into production.

Roadmap

Python vulnerable RCE application
Github actions (executes on PR to main/master branch)
- Implement SAST using bandit
- Implement DAST using OWASP ZAP (need app deployed somewhere - k8s to the rescue!)
- Deploy application using Kubernetes for OWASP ZAP scan
Post gist of found vulnerabilities in Slack
- SAST - Use hashicorp vault to reference slack bot credentials
- DAST - Use hashicorp vault to reference slack bot credentials

Automation that uses Github Actions, Google Drive API, YouTube Data API and youtube-dl together to feed BackJam app with new music

1 Nov 21, 2021

42-event-notifier - 42 Event notifier using 42API and Github Actions

42 Event Notifier 42서울 Agenda에 새로운 이벤트가 등록되면 알려드립니다! 현재는 Github Issue로 등록되므로 상단

6 May 16, 2022

GitHub Actions Docker training

GitHub-Actions-Docker-training Training exercise repository for GitHub Actions using a docker base. This repository should be cloned and used for trai

1 Jan 21, 2022

Receive GitHub webhook events and send to Telegram chats with AIOHTTP through Telegram Bot API

GitHub Webhook to Telegram Receive GitHub webhook events and send to Telegram chats with AIOHTTP through Telegram Bot API What this project do is very

33 Jan 3, 2023

GitHub Activity Generator - A script that helps you instantly generate a beautiful GitHub Contributions Graph for the last year.

GitHub Activity Generator A script that helps you instantly generate a beautiful GitHub Contributions Graph for the last year. Before 😐 😶 😒 After ?

1 Dec 30, 2021

🤖 Automated follow/unfollow bot for GitHub. Uses GitHub API. Written in python.

GitHub Follow Bot Table of Contents Disclaimer How to Use Install requirements Authenticate Get a GitHub Personal Access Token Add your GitHub usernam

37 Dec 27, 2022

Github-Checker - Simple Tool To Check If Github User Available Or Not

Github Checker Simple Tool To Check If Github User Available Or Not Socials: Lan

7 Jan 30, 2022

HTTP Calls to Amazon Web Services Rest API for IoT Core Shadow Actions 💻🌐💡

aws-iot-shadow-rest-api HTTP Calls to Amazon Web Services Rest API for IoT Core Shadow Actions 💻 🌐 💡 This simple script implements the following aw

3 Jun 6, 2022

Tubee is a web application, which runs actions when your subscribed channel upload new videos

Tubee is a web application, which runs actions when your subscribed channel upload new videos, think of it as a better IFTTT but built specifically for YouTube with many enhancements.

11 Jan 1, 2023

Owner

Syed Umar Arfeen

Sr. Security Engineer @Ebryx, OSCP, OSWE, Penetration Tester, Weeb, !Dank Memer, and as you can see a "wanna-be" programmer as well :)

GitHub

A github actions + python code to extract URLs to code repositories to put into standard form, starting with github

A github actions + python code to extract URLs to code repositories to put into standard form, starting with github ---- NOTE: JUS

2 Nov 15, 2021

Use GitHub Actions to create a serverless service.

ActionServerless - Use GitHub Actions to create a serverless service ActionServerless is an action to do some computing and then generate a string/JSO

107 Oct 28, 2022

可基于【腾讯云函数】/【GitHub Actions】/【Docker】的每日签到脚本（支持多账号使用）签到列表: ｜爱奇艺｜全民K歌｜腾讯视频｜有道云笔记｜网易云音乐｜一加手机社区官方论坛｜百度贴吧｜Bilibili｜V2EX｜咔叽网单｜什么值得买｜AcFun｜天翼云盘｜WPS｜吾爱破解｜芒果TV｜联通营业厅｜Fa米家｜小米运动｜百度搜索资源平台｜每日天气预报｜每日一句｜哔咔漫画｜和彩云｜智友邦｜微博｜CSDN｜王者营地｜

每日签到集合基于【腾讯云函数】/【GitHub Actions】/【Docker】的每日签到脚本支持多账号使用特别声明: 本仓库发布的脚本及其中涉及的任何解锁和解密分析脚本，仅用于测试和学习研究，禁止用于商业用途，不能保证其合法性，准确性，完整性和有效性，请根据情况自行判断。

87 Nov 12, 2022

Automatic SystemVerilog linting in github actions with the help of Verible

Verible Lint Action Usage See action.yml This is a GitHub Action used to lint Verilog and SystemVerilog source files and comment erroneous lines of co

10 Dec 26, 2022

Automate HoYoLAB Genshin Daily Check-In Using Github Actions

Genshin Daily Check-In ?? Automate HoYoLAB Daily Check-In Using Github Actions KOR, ENG Instructions Fork the repository Go to Settings -> Secrets Cli

41 Jun 24, 2022

Mini Tool to lovers of debe from eksisozluk (one of the most famous website -reffered as collaborative dictionary like reddit- in Turkey) for pushing debe (Most Liked Entries of Yesterday) to kindle every day via Github Actions.

debe to kindle Mini Tool to lovers of debe from eksisozluk (one of the most famous website -refered as collaborative dictionary like reddit- in Turkey

11 Oct 11, 2022

Implement SAST + DAST through Github actions

Related tags

Overview

Implement SAST + DAST through Github actions

Roadmap

You might also like...

Automation that uses Github Actions, Google Drive API, YouTube Data API and youtube-dl together to feed BackJam app with new music

42-event-notifier - 42 Event notifier using 42API and Github Actions

GitHub Actions Docker training

Receive GitHub webhook events and send to Telegram chats with AIOHTTP through Telegram Bot API

GitHub Activity Generator - A script that helps you instantly generate a beautiful GitHub Contributions Graph for the last year.

🤖 Automated follow/unfollow bot for GitHub. Uses GitHub API. Written in python.

Github-Checker - Simple Tool To Check If Github User Available Or Not

HTTP Calls to Amazon Web Services Rest API for IoT Core Shadow Actions 💻🌐💡

Tubee is a web application, which runs actions when your subscribed channel upload new videos

Owner

Syed Umar Arfeen

A github actions + python code to extract URLs to code repositories to put into standard form, starting with github

Use GitHub Actions to create a serverless service.

Automatic SystemVerilog linting in github actions with the help of Verible

Automate HoYoLAB Genshin Daily Check-In Using Github Actions

Mini Tool to lovers of debe from eksisozluk (one of the most famous website -reffered as collaborative dictionary like reddit- in Turkey) for pushing debe (Most Liked Entries of Yesterday) to kindle every day via Github Actions.

POC de uma AWS lambda que executa a consulta de preços de criptomoedas, e é implantada na AWS usando Github actions.

GitHub Actions Poll Mode AutoScaler (GAPMAS)

Centralized whale instance using github actions, sourcing metadata from bigquery-public-data.

A GitHub Actions repo for tracking the dummies sending free money to Alex Jones + co.