A GitHub action for organizations that enables advanced security code scanning on all new repos

Related tags

Security related resourcesactionscode-scanningcodeqladvanced-security
Overview

Advanced-Security-Enforcer

CodeQL Docker Image CI .github/workflows/linter.yml

What this repository does

This code is for an active GitHub Action written in Python to check (on a schedule) for new repositories created in the last 24 hours and open pull requests in the new repositories to enable GitHub advanced security code scanning.

Support

If you need support using this project or have questions about it, please open up an issue in this repository. Requests made directly to GitHub staff or support team will be redirected here to open an issue. GitHub SLA's and support/services contracts do not apply to this repository.

Example workflow

name: Enforce advanced security scanning

on:
  repository_dispatch:
  schedule:
    - cron: '00 5 * * *'

jobs:
  build:
    name: Enforce advanced security scanning
    runs-on: ubuntu-latest

    steps:
    - name: Checkout code
      uses: actions/[email protected]
    
    - name: Run enforcer tool
      uses: github/[email protected]
      env:
        GH_ACTOR: ${{ secrets.GH_ACTOR }}
        GH_TOKEN: ${{ secrets.GH_TOKEN }}
        ORGANIZATION: ${{ secrets.ORGANIZATION }}
        PR_BODY: your text goes here
  • Be sure to fill out the env values above with your information. More info on creating secrets can be found here.
  • Your GitHub token will need to have read/write access to all the repos in the organization

How it does this

  • A CRON job on GitHub actions triggers a nightly run of this script
  • The script checks for new repositories by storing the known repositories to a file
  • It then iterates over new repositories and opens a pull request for the codeql.yml file stored in this repository

Contributions

We would ❤️ contributions to improve this action. Please see CONTRIBUTING.md for how to get involved.

Instructions to run locally

  • Clone the repository
  • Create a personal access token with read only permissions
  • Copy the .env-example file to .env
  • Edit the .env file by adding your Personal Access Token to it and the desired organization
  • Install dependencies pip install -r requirements.txt
  • Run the code python3 enforcer.py
  • Note the log output for details on any pull requests that were opened
  • After running locally this will have changed your git config user.name and user.email so those should be reset for this repository

License

MIT

Comments
  • Get timedelta delay from config instead of hardcode 24hrs

    Get timedelta delay from config instead of hardcode 24hrs

    fixes #29

    • [x] Change time delay to configurable so that instead of checking for repos created yesterday, users can choose, via the .env file, an optional delay such as 1 week or 3 days in order to allow time for actual code to be pushed to the repository.
    • [x] Update the .env-example
    • [x] Write up documentation on the README for how to set the delay
    • [x] Test
    enhancement 
    opened by zkoppert 4
  • Bump github3-py from 1.3.0 to 2.0.0

    Bump github3-py from 1.3.0 to 2.0.0

    Bumps github3-py from 1.3.0 to 2.0.0.

    Commits
    • 9345f86 Release v2.0
    • 6572d75 Merge pull request #1020 from sigmavirus24/fix-history-keyerrors
    • 2bf6380 Rollback changes to unnecessary fields
    • 0f2b844 Fix gist.history keyerrors
    • 99c6515 Merge pull request #1017 from sigmavirus24/add-github-labeler
    • 0632e9b Add Github Labeler
    • 404ea04 Merge pull request #1015 from sigmavirus24/remove-unicode-handling
    • b28febf Add changes to release notes
    • cd1af16 Remove unicode legacy code
    • 5766ecd Merge pull request #1013 from sigmavirus24/deprecated-code-removal
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 2
  • Bump python-dotenv from 0.19.2 to 0.20.0

    Bump python-dotenv from 0.19.2 to 0.20.0

    Bumps python-dotenv from 0.19.2 to 0.20.0.

    Release notes

    Sourced from python-dotenv's releases.

    Version 0.20.0

    Added

    • Add encoding (Optional[str]) parameter to get_key, set_key and unset_key. (#379 by @​bbc2)

    Fixed

    • Use dict to specify the entry_points parameter of setuptools.setup (#376 by @​mgorny).
    • Don't build universal wheels (#387 by @​bbc2).
    Changelog

    Sourced from python-dotenv's changelog.

    [0.20.0] - 2022-03-24

    Added

    • Add encoding (Optional[str]) parameter to get_key, set_key and unset_key. (#379 by [@​bbc2])

    Fixed

    • Use dict to specify the entry_points parameter of setuptools.setup (#376 by [@​mgorny]).
    • Don't build universal wheels (#387 by [@​bbc2]).
    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 1
  • Bump github3-py from 3.1.0 to 3.1.2

    Bump github3-py from 3.1.0 to 3.1.2

    Bumps github3-py from 3.1.0 to 3.1.2.

    Commits
    • efa105e Release 3.1.2
    • 196814e Merge pull request #1078 from dev022022/patch-1
    • 92a0b1d Add extra flag [crpyto] for PyJWT dependency
    • 28abf6d Merge pull request #1076 from sigmavirus24/support-adding-parents-to-teams
    • 3c965e3 Update to prepare for 3.1.1 release
    • 4e11e8f Support adding parent teams
    • dccad7d Create codeql-analysis.yml
    • 6db9296 Merge pull request #1074 from greggilbert/feature/add-deployment-statuses
    • 40b9f2e [pre-commit.ci] auto fixes from pre-commit.com hooks
    • f4314e8 Bump release notes, add self to authors
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 1
  • Bump github3-py from 3.1.0 to 3.1.1

    Bump github3-py from 3.1.0 to 3.1.1

    Bumps github3-py from 3.1.0 to 3.1.1.

    Commits
    • 28abf6d Merge pull request #1076 from sigmavirus24/support-adding-parents-to-teams
    • 3c965e3 Update to prepare for 3.1.1 release
    • 4e11e8f Support adding parent teams
    • dccad7d Create codeql-analysis.yml
    • 6db9296 Merge pull request #1074 from greggilbert/feature/add-deployment-statuses
    • 40b9f2e [pre-commit.ci] auto fixes from pre-commit.com hooks
    • f4314e8 Bump release notes, add self to authors
    • 6935b76 Allow more deployment statuses per Github docs
    • 1d27cfe Merge pull request #1073 from sigmavirus24/release/3.1
    • See full diff in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 1
  • Bump python-dotenv from 0.20.0 to 0.21.0

    Bump python-dotenv from 0.20.0 to 0.21.0

    Bumps python-dotenv from 0.20.0 to 0.21.0.

    Release notes

    Sourced from python-dotenv's releases.

    Version 0.21.0

    What's Changed

    Added

    Fixed

    New Contributors

    Full Changelog: https://github.com/theskumar/python-dotenv/compare/v0.20.0...v0.21.0

    Changelog

    Sourced from python-dotenv's changelog.

    [0.21.0] - 2022-09-03

    Added

    Fixed

    Commits
    • b6fe193 Bump version: 0.20.0 → 0.21.0
    • 5d07931 update changelog
    • 490b116 Revert "fix: out of scope error when "dest" variable is undefined #413"
    • b1f041d Add release notes for 0.21.0
    • 6399af6 chore: fix flake8 issue
    • a53d652 fix: out of scope error when "dest" variable is undefined #413
    • a7c811d Update README.md (#415)
    • 914c68e feat(cli) add --format= option to list command (#407)
    • 2f36c08 Drop Python 3.5 and 3.6 and upgrade GA (#393)
    • a50a3bf Add .vscode to gitignore
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 0
  • Bump github3-py from 3.1.0 to 3.2.0

    Bump github3-py from 3.1.0 to 3.2.0

    Bumps github3-py from 3.1.0 to 3.2.0.

    Commits
    • 58f7060 Merge pull request #1081 from sigmavirus24/teams-deprecation
    • c55b4b9 Update to avoid /teams deprecation
    • 38b6f88 Merge pull request #1079 from zkdev/zkdev-setupcfg-fix-typo
    • aae984e Update AUTHORS
    • 512c827 Fix typo
    • efa105e Release 3.1.2
    • 196814e Merge pull request #1078 from dev022022/patch-1
    • 92a0b1d Add extra flag [crpyto] for PyJWT dependency
    • 28abf6d Merge pull request #1076 from sigmavirus24/support-adding-parents-to-teams
    • 3c965e3 Update to prepare for 3.1.1 release
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 0
  • Bump github3-py from 3.0.0 to 3.1.0

    Bump github3-py from 3.0.0 to 3.1.0

    Bumps github3-py from 3.0.0 to 3.1.0.

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 0
  • Bump python-dotenv from 0.19.1 to 0.19.2

    Bump python-dotenv from 0.19.1 to 0.19.2

    Bumps python-dotenv from 0.19.1 to 0.19.2.

    Release notes

    Sourced from python-dotenv's releases.

    Version 0.19.2

    What's Changed

    Fixed

    Full Changelog: https://github.com/theskumar/python-dotenv/compare/v0.19.1...v0.19.2

    Changelog

    Sourced from python-dotenv's changelog.

    [0.19.2] - 2021-11-11

    Fixed

    • In set_key, add missing newline character before new entry if necessary. (#361 by [@​bbc2])
    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 0
  • Bump github3-py from 2.0.0 to 3.0.0

    Bump github3-py from 2.0.0 to 3.0.0

    Bumps github3-py from 2.0.0 to 3.0.0.

    Commits
    • 535eb22 Merge pull request #1053 from sigmavirus24/docs-updates
    • 0777b75 Fix broken documentation
    • c5c8d84 Update date in Release notes
    • fffaf84 Add expire_in to login_as_app_installation
    • 2607150 Add Stargazer and use stargazer media type
    • 9a5dcf3 Add privacy attribute to Team objects
    • b65b13f Remove incorrect iterator documentation
    • d96ac52 Add API Ref for Projects
    • 9218903 Merge pull request #1052 from sigmavirus24/pr-updates
    • d57c987 Update attributes available on Pull Requests
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 0
  • Bump python-dotenv from 0.19.0 to 0.19.1

    Bump python-dotenv from 0.19.0 to 0.19.1

    Bumps python-dotenv from 0.19.0 to 0.19.1.

    Release notes

    Sourced from python-dotenv's releases.

    Version 0.19.1

    What's Changed

    New Contributors

    Full Changelog: https://github.com/theskumar/python-dotenv/compare/v0.19.0...v0.19.1

    Changelog

    Sourced from python-dotenv's changelog.

    [0.19.1] - 2021-08-09

    Added

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 0
  • use pipenv instead of pip in docker build

    use pipenv instead of pip in docker build

    Docker builds are giving a warning that pip should not be used as root. It suggests configuring pipenv.

    WARNING: Running pip as the 'root' user can result in broken permissions and conflicting behaviour with the system package manager. It is recommended to use a virtual environment instead: https://pip.pypa.io/warnings/venv

    see here for an example of this error as seen in the log.

    bug 
    opened by zkoppert 0
Releases(v2.0.0)

  • v2.0.0(Feb 22, 2022)

    Changelog

    🚀 Features

    • Get timedelta delay from config instead of hardcode 24hrs @zkoppert (#30)
    • Add Ruby @zkoppert (#25)

    🧰 Maintenance

    • Clarify creation time window of repos to look for @zkoppert (#22)
    • Bump github3-py from 3.0.0 to 3.1.0 @dependabot (#28)
    • Bump github3-py from 2.0.0 to 3.0.0 @dependabot (#23)
    • Bump python-dotenv from 0.19.1 to 0.19.2 @dependabot (#24)

    See details of all code changes since previous release

    Source code(tar.gz)
    Source code(zip)

  • v1.0.3(Oct 23, 2021)

    Changelog

    🐛 Bug Fixes

    • Update repo link @zkoppert (#20)

    🧰 Maintenance

    • Bump github3-py from 1.3.0 to 2.0.0 @dependabot (#3)
    • Update repository links @zkoppert (#19)
    • Use prebuilt docker image @zkoppert (#21)

    See details of all code changes since previous release

    Source code(tar.gz)
    Source code(zip)

  • v1.0.2(Oct 13, 2021)

    Changelog

    🚀 Features

    • Use prebuilt docker image for performance @zkoppert (#18)
    • Add debug instructions for docker @zkoppert (#14)

    🐛 Bug Fixes

    • Ensure the codeql configuration file is present in the docker container @zkoppert (#17)
    • Change to UI based manual actions kickoff instead of API based @zkoppert (#15)
    • Fix path from getting overridden by docker @zkoppert (#16)

    See details of all code changes since previous release

    Source code(tar.gz)
    Source code(zip)

  • v1.0.1(Oct 12, 2021)

  • v1.0.0(Oct 8, 2021)

    🎉 The initial release of the advanced-security-enforcer!

    🚀 Features

    • Customizable pull request body
    • Opens pull request on any repo created within the last 24 hours
    • Scoped to a specific organization

    ⏳ What's Changed

    • Create LICENSE by @zkoppert in https://github.com/github/advanced-security-enforcer/pull/1
    • Create codeql-analysis.yml by @zkoppert in https://github.com/github/advanced-security-enforcer/pull/2
    • Bump python-dotenv from 0.15.0 to 0.19.0 by @dependabot in https://github.com/github/advanced-security-enforcer/pull/4
    • Quote to prevent word splitting by @zkoppert in https://github.com/github/advanced-security-enforcer/pull/5
    • Add release drafter by @zkoppert in https://github.com/github/advanced-security-enforcer/pull/6
    • Expand README sections by @zkoppert in https://github.com/github/advanced-security-enforcer/pull/9
    • Create CODE_OF_CONDUCT.md by @zkoppert in https://github.com/github/advanced-security-enforcer/pull/8
    • Add release procedure by @zkoppert in https://github.com/github/advanced-security-enforcer/pull/10

    🧑🏻‍🤝‍🧑🏻 New Contributors

    • @zkoppert made their first contribution in https://github.com/github/advanced-security-enforcer/pull/1
    • @AAugustine made their first contribution in https://github.com/github/advanced-security-enforcer/pull/1
    • @dependabot made their first contribution in https://github.com/github/advanced-security-enforcer/pull/4

    Full Changelog: https://github.com/github/advanced-security-enforcer/commits/v1.0.0

    Source code(tar.gz)
    Source code(zip)
Owner
Zack Koppert
Open/Inner Source enthusiast Senior Software Engineer, Professional Services @github
Zack Koppert
GitHub Repository
利用NTLM Hash读取Exchange邮件

GetMail 利用NTLM Hash读取Exchange邮件:在进行内网渗透时候,我们经常拿到的是账号的Hash凭据而不是明文口令。在这种情况下采用邮件客户端或者WEBMAIL的方式读取邮件就很麻烦,需要进行破解,NTLM的破解主要依靠字典强度,破解概率并不是很大。

<a href=[email protected]"> 388 Dec 27, 2022
CVE-2021-43798Exp多线程批量验证脚本

Grafana V8.*任意文件读取Exp--多线程批量验证脚本 漏洞描述 Grafana是一个开源的度量分析与可视化套件。经常被用作基础设施的时间序列数据和应用程序分析的可视化,它在其他领域也被广泛的使用包括工业传感器、家庭自动化、天气和过程控制等。其 8.*版本任意文件读取漏洞,该漏洞目前为0d

2 Dec 16, 2021
A scanner and a proof of sample exploit for log4j RCE CVE-2021-44228

1.Create a Sample Vulnerable Application . 2.Start a netcat listner . 3.Run the exploit . 5.Use jdk1.8.0_20 for better results . Exploit-db - https://

Isuru Umayanga 7 Aug 06, 2022
We protect the privacy of the data on your computer by using the camera of your Debian based Pardus operating system. 🕵️

Pardus Lookout We protect the privacy of the data on your computer by using the camera of your Debian based Pardus operating system. The application i

Ahmet Furkan DEMIR 19 Nov 18, 2022
Buff A simple BOF library I wrote under an hour to help me automate with BOF attack

What is Buff? A simple BOF library I wrote under an hour to help me automate with BOF attack. It comes with fuzzer and a generic method to generate ex

0x00 3 Nov 21, 2022
This exploit allows to connect to the remote RemoteMouse 3.008 service to virtually press arbitrary keys and execute code on the machine.

RemoteMouse-3.008-Exploit The RemoteMouse application is a program for remotely controlling a computer from a phone or tablet. This exploit allows to

Podalirius 25 Dec 04, 2022
Fetch Chrome, Firefox, WiFi password and system info

DISCLAIMER : OUR TOOLS ARE FOR EDUCATIONAL PURPOSES ONLY. DON'T USE THEM FOR ILLEGAL ACTIVITIES. YOU ARE THE ONLY RESPONSABLE FOR YOUR ACTIONS! OUR TO

Genos 59 Nov 17, 2022
Trustme: #1 quality TLS certs while you wait

trustme: #1 quality TLS certs while you wait You wrote a cool network client or server. It encrypts connections using TLS. Your test suite needs to ma

479 Dec 27, 2022
PreviewGram is for users that wants get a more private experience with the Telegram's Channel.

PreviewGram is for users that wants get a more private experience with the Telegram's Channel.

1 Sep 25, 2022
Crowbar - A windows post exploitation tool

Crowbar - A windows post exploitation tool Status - ✔️ This project is now considered finished. Any updates from now on will most likely be new script

29 Nov 20, 2022
AttractionFinder - 2022 State Qualified FBLA Attraction Finder Application

Attraction Finder Developers: Riyon Praveen, Aaron Bijoy, & Yash Vora How It Wor

$ky 2 Feb 09, 2022
The ultimate Metasploit apk binder with legit apk written in python3

Infector is a python3 based script which is officially made for linux based distro . It binds metasploit payload with original apk with avast antivirus bypassed .

27 Dec 25, 2022
Exploiting CVE-2021-44228 in Unifi Network Application for remote code execution and more

Log4jUnifi Exploiting CVE-2021-44228 in Unifi Network Application for remote cod

96 Jan 02, 2023
Phoenix Framework is an environment for writing, testing and using exploit code.

Phoenix Framework is an environment for writing, testing and using exploit code. 🖼 Screenshots 🎪 Community PwnWiki Forums 🔑 Licen

42 Aug 09, 2022
Unicode fuzzer for various purposes

UnicodeToy Unicode fuzzer for various purposes Unicode based on version 14.0 features Generate the shortest xss domain payload Generate unicode str, u

33 Nov 27, 2022
Looks at Python code to search for things which look "dodgy" such as passwords or diffs

dodgy Dodgy is a very basic tool to run against your codebase to search for "dodgy" looking values. It is a series of simple regular expressions desig

Landscape 112 Nov 25, 2022
A (completely native) python3 wifi brute-force attack using the 100k most common passwords (2021)

wifi-bf [LINUX ONLY] A (completely native) python3 wifi brute-force attack using the 100k most common passwords (2021) This script is purely for educa

Finn Lancaster 20 Nov 12, 2022
(D)arth (S)ide of the (L)og4j (F)orce, the ultimate log4j vulnerabilities assessor

DSLF DSLF stands for (D)arth (S)ide of the (L)og4j (F)orce. It is the ultimate log4j vulnerabilities assessor. It comes with four individual Python3 m

frontal 1 Jan 11, 2022
Let's you scan the entire internet in a couple of hours and identify all Minecraft servers on IPV4

Minecraft-Server-Scanner Let's you scan the entire internet in a couple of hours and identify all Minecraft servers on IPV4 Installation and running i

116 Jan 08, 2023
macOS Initial Access Payload Generator

Mystikal macOS Initial Access Payload Generator Related Blog Post: https://posts.specterops.io/introducing-mystikal-4fbd2f7ae520 Usage: Install Xcode

Leo Pitt 206 Dec 31, 2022