Search Results: owasp-secure-coding

Found 25 Skills

Security & Compliancevchirrav/owasp-secure-cod...

sast-spotbugs

Run SpotBugs with Find Security Bugs plugin on Java code. Detects injection flaws, XXE, insecure crypto, SSRF, deserialization, and other JVM security bugs.

🇺🇸|EnglishTranslated

Security & Compliancevchirrav/owasp-secure-cod...

sast-cargo-audit

Run cargo-audit and cargo-geiger on Rust code. Audits dependencies for known vulnerabilities and detects unsafe code usage for memory safety review.

🇺🇸|EnglishTranslated

Security & Compliancevchirrav/owasp-secure-cod...

sast-gosec

Run gosec SAST scans on Go code. Detects SQL injection, hardcoded credentials, insecure TLS, command injection, and other Go security issues.

🇺🇸|EnglishTranslated

DevOps & Cloud Servicesvchirrav/owasp-secure-cod...

container-scan-hadolint

Run Hadolint to lint Dockerfiles for best practices and security issues. Validates against Docker and ShellCheck rules.

🇺🇸|EnglishTranslated

Security & Compliancevchirrav/owasp-secure-cod...

dast-zap

Run OWASP ZAP for Dynamic Application Security Testing. Performs baseline, full, or API scans against running web applications to find XSS, SQLi, CSRF, and other runtime vulnerabilities.

🇺🇸|EnglishTranslated

Security & Compliancevchirrav/owasp-secure-cod...

sast-eslint-security

Run ESLint with security plugins on JavaScript/TypeScript code. Detects eval usage, non-literal RegExp, prototype pollution, and other JS/TS security anti-patterns.

🇺🇸|EnglishTranslated

Security & Compliancevchirrav/owasp-secure-cod...

network-scan-nmap

Run Nmap for network discovery and security auditing. Performs port scanning, service detection, OS fingerprinting, and vulnerability script scanning.

🇺🇸|EnglishTranslated

Security & Compliancevchirrav/owasp-secure-cod...

container-scan-dockle

Run Dockle to audit container images against CIS Docker Benchmark and best practices. Checks for running as root, sensitive files, HEALTHCHECK, and more.

🇺🇸|EnglishTranslated

Security & Compliancevchirrav/owasp-secure-cod...

license-scan-scancode

Run ScanCode Toolkit for comprehensive license and copyright detection. Identifies license types, copyright holders, and compliance obligations across codebases.

🇺🇸|EnglishTranslated

Security & Compliancevchirrav/owasp-secure-cod...

container-scan-trivy

Run Trivy to scan container images for OS and library vulnerabilities, misconfigurations, and secrets. Comprehensive multi-target security scanner.

🇺🇸|EnglishTranslated

Security & Compliancevchirrav/owasp-secure-cod...

secure-coding-audit

Audit code for security vulnerabilities using OWASP Secure Coding rules. Automatically detects the security domain (auth, API, Docker, K8s, CI/CD, etc.) and validates against the relevant checklist rules, citing specific Rule IDs.

🇺🇸|EnglishTranslated

Security & Compliancevchirrav/owasp-secure-cod...

mobile-security-mobsf

Run MobSF (Mobile Security Framework) for automated static and dynamic analysis of Android and iOS apps. Detects insecure storage, weak crypto, hardcoded secrets, and permission issues.

🇺🇸|EnglishTranslated