Unified repository with OSS security tools, just make exec
and dive into the container!
There are some tools that have not been integrated to the main container itself, given their nature, but have been or will be added to the repository with an explanation on how to run them separately.
% make
Usage:
make <target>
Targets:
build Build the Docker image with the software versions described in the .env file
release Build the Docker image with the software versions described in the .env file, but from a specific release of this repo
latest Build the Docker image with the latest version for each tool
exec Run an interactive shell inside the container
Examples:
make
make build
make release
make latest
make exec
[x] GitHub analysis (fake profiles, OSINT):
[x] Only Secrets:
[x] Vulnerability scanners:
[x] Static analysis:
[x] Misconfigurations:
[x] GitHub actions:
[x] Container and/or cloud specific:
[x] Dependency & lib checkers: