Automated Vulnerability Scanning #149

Open
estavrak opened this Issue Oct 24, 2016 · 21 comments

estavrak commented Oct 24, 2016

kalidevs

Remember that 'Developing with Security in Mind' meetup we had in February?

We are certain y'all have been 'practicing safe development', and would like to show you a few ways to double check your work.

We will have a look at a few tools that can be used for web app vulnerability scanning, mostly 'point & click' stuff included in Kali Linux, such as:

  • httrack
  • owasp-zap
  • w3af
  • nikto
  • nmap
  • wpscan
  • golismero
  • and a few more 👊

Of course, there will probably be some preaching about current threats, best practices, the earth being flat, and beer.

Anyone willing to contribute is more than welcome; so far @DaKnOb and I are thinking about this.

Special thanks to @eirinikp for the poster!

PS: @gsaslis “In this meetup, we will see how we can incorporate automated security testing in the Software Development Life Cycle so we can increase the Agility of the team.”

Contributor

DaKnOb commented Oct 24, 2016

👍

Contributor

DaKnOb commented Oct 24, 2016

🔈

sonaht added the Topics label Oct 24, 2016


maounis commented Oct 24, 2016

👍

Contributor

zakkak commented Oct 24, 2016

👍

Contributor

irinikp commented Oct 24, 2016

👍

Contributor

sonaht commented Oct 24, 2016

👍

Contributor

gvre commented Oct 24, 2016

👍


flouris commented Oct 24, 2016

👍

Author

estavrak commented Oct 24, 2016

👍

Author

estavrak commented Oct 24, 2016

🔈


cmaragoulis commented Oct 24, 2016

👍

Contributor

gsaslis commented Oct 25, 2016

Hmm interesting!

👍

Also, did you guys know about http://inspec.io/ ? Together with the CIS Security benchmarks (which are btw, embedded in Chef Compliance, a commercial Chef offering) it takes a somewhat different approach (if I understand correctly what you're proposing) to tackle some of the same issues. It basically says: let me check your server against a looooong list of known security vulnerabilities and come back to you with things you need to fix.

Contributor

mikedi commented Oct 25, 2016

👍

Contributor

msti commented Oct 25, 2016

👍

Contributor

gsaslis commented Oct 26, 2016


agougousis commented Oct 31, 2016

👍


angeletos commented Nov 6, 2016

👍


ManosGEM commented Mar 9, 2017

👍


nikos445 commented Mar 9, 2017

👍


dzervas commented Mar 10, 2017

👍


maninak commented May 16, 2017

👍
