Skip to content

faloker/purify

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

622 Commits
.github
.github
 
 
api
api
 
 
cypress
cypress
 
 
docker
docker
 
 
nginx
nginx
 
 
web
web
 
 
.dcignore
.dcignore
 
 
.dockerignore
.dockerignore
 
 
.gitignore
.gitignore
 
 
.prettierrc
.prettierrc
 
 
CODE_OF_CONDUCT.md
CODE_OF_CONDUCT.md
 
 
Dockerfile
Dockerfile
 
 
LICENSE.md
LICENSE.md
 
 
README.md
README.md
 
 
Taskfile.yml
Taskfile.yml
 
 
api.dockerfile
api.dockerfile
 
 
app.json
app.json
 
 
cypress.cover.json
cypress.cover.json
 
 
cypress.json
cypress.json
 
 
docker-compose.ci.yml
docker-compose.ci.yml
 
 
docker-compose.tests.yml
docker-compose.tests.yml
 
 
docker-compose.yml
docker-compose.yml
 
 
heroku.yml
heroku.yml
 
 
nginx.dockerfile
nginx.dockerfile
 
 
package-lock.json
package-lock.json
 
 
package.json
package.json
 
 

Repository files navigation


purify
Purify

All-in-one tool for managing vulnerability reports

🎮 Demo

📃 Docs

📹 Quick Vimeo

GitHub release (latest by date including pre-releases) GitHub (Pre-)Release Date GitHub Workflow Status (branch) GitHub closed issues

Description

The goal of Purify to be an easy-in-use and efficient tool to simplify a workflow of managing vulnerabilities delivered from various (even custom) tools.

Purify is aims to be a tool-agnostic application. Tool independence makes it possible to analyze results/findings/reports of any toolset. Technically, the report you want to upload should be one of the following:

  • JSON file
  • XML file
  • JSON object (most webhooks dispatch events as separate JSON objects)

This means you don't need any special plug-ins to parse incoming reports. For this Purify introduces the concept of templates. Templates are code-free and user-friendly structures that parse reports the way you tell them.

Purify is able to remove duplicate results among various vulnerability scanners or tools. In addition, it can combine several results of the same tool based on selected fields and it is fully configurable. Purify does all this work to reduce the headache of the analyst.

Collect all your findings in one place, review/validate/track them, collaborate with your teammates, receive notifications via Slack, create Jira tickets and many more.

Getting started

Questions

For questions and support please use Github Discussions. The issue list of this repo is exclusively for bug reports and feature requests.

Built With

  • Nest - The web framework used
  • Vuetify - Material Component Framework for Vue

License

This project is licensed under the MIT License - see the LICENSE.md file for details

About

All-in-one tool for managing vulnerability reports from AppSec pipelines

faloker.gitbook.io/purify

Topics

security security-audit secops infosec appsec vulnerability-management vulnerability-scanners vulnerability-assessment vuetify security-automation security-tools devsecops nestjs

Resources

Readme

License

MIT license

Code of conduct

Code of conduct
Activity

Stars

105 stars

Watchers

9 watching

Forks

18 forks
Report repository

Releases 16

v1.2.0 Latest
Feb 14, 2021
+ 15 releases

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages