Git watchdog will scan your public repository and find out the vulnerabilities

Dependencies

  • Docker
  • Go 1.17
  • MySQL 8.0.25

Bootstrap

  • Run chmod +x start.sh if start.sh script does not have privileged to run
  • Run ./start.sh --bootstrap quick bootstrap app (include build, start docker, migrate schema and start app), it will ready to accept connection to :8080 local
  • Run make docker.local.stop to cleanup

For developing

  • Get tools for developing: make install-go-tools
  • Build app docker image: run make build.docker.image
  • Startup local docker compose: make docker.local.start
  • Stop local docker compose: make docker.local.stop
  • Migrate schema database: run ./start.sh --migrate

Automate CI CD local

Or you can use skaffold to automate that pipeline

  • Install skaffold, helm latest, minikube latest version
  • Run skaffold dev --port-forward
  • Every change to source code, will trigger build, unit-test and deploy locally

Testing & Coverage

  • Run integration test(docker, go1.17 required): ./start.sh --integration
  • Run unittest: make test.unit
  • Check coverage: make coverage
  • Clean up report files: make clean
Owner
Quang Nguyen
Developer, Tech Enthusiast
Quang Nguyen
Similar Resources

PHP security vulnerabilities checker

Local PHP Security Checker The Local PHP Security Checker is a command line tool that checks if your PHP application depends on PHP packages with know

Jan 3, 2023

A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors.

A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors.

Dent More Information If you want to learn more about the techniques utlized in this framework please take a look at this article. Description This fr

Dec 2, 2022

Use golang.org/x/vuln to scan your dependencies

vulnz - Use golang.org/x/vuln to scan your dependencies vulnz uses golang.org/x/vuln to scan the dependencies in your go.mod. Install go install githu

Oct 10, 2022

Scan and analyze OSS dependencies and licenses from compiled Go binaries

Scan and analyze OSS dependencies and licenses from compiled Go binaries

golicense - Go Binary OSS License Scanner golicense is a tool that scans compiled Go binaries and can output all the dependencies, their versions, and

Nov 6, 2022

Take a list of domains and scan for endpoints, secrets, api keys, file extensions, tokens and more...

Take a list of domains and scan for endpoints, secrets, api keys, file extensions, tokens and more...

Take a list of domains and scan for endpoints, secrets, api keys, file extensions, tokens and more... Coded with 💙 by edoardottt. Share on Twitter! P

Dec 25, 2022

A fast tool to mass scan for a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication and impersonating as the admin (CVE-2021-26855).

A fast tool to mass scan for a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication and impersonating as the admin (CVE-2021-26855).

proxylogscan This tool to mass scan for a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication and imperson

Dec 26, 2022

A port scan and service weakpass brute tool build by golang.

A port scan and service weakpass brute tool build by golang.

A port scan and service weakpass brute tool build by golang.

Jan 5, 2023

WhiteSource Log4j Detect is a free CLI tool that quickly scans your projects to find vulnerable Log4j versions

Log4jDetect WhiteSource Log4j Detect is a free CLI tool that quickly scans your projects to find vulnerable Log4j versions containing the following kn

Nov 20, 2022
🍷 Find exploits and vulnerabilities in the most important databases.
🍷 Find exploits and vulnerabilities in the most important databases.

?? Dionisio Dionisio is a tool that can automate the search for exploits and vulnerabilities. Written in Go and open source, Dionisio has an advanced

Mar 14, 2022
SSRFuzz is a tool to find Server Side Request Forgery vulnerabilities, with CRLF chaining capabilities

SSRFuzz is a tool to find Server Side Request Forgery vulnerabilities, with CRLF chaining capabilities Why?

Dec 8, 2022
Scan for viruses by shelling out to clamav (streaming via stdin)

clamscan This is currently just an example program, but will eventually be a small library. ClamAV has functionality for performing a streaming scan o

Jan 12, 2022
In 'n Out - See what goes in and comes out of PEs/DLLs

In 'n Out Parse and return PE information ino -v comsvcs.dll { "Name": "<string>", "Path": "<string>", "Type": "<string file|directory>", "Im

Dec 16, 2022
A tool to check for vulnerabilities in your Golang dependencies, powered by Sonatype OSS Index
A tool to check for vulnerabilities in your Golang dependencies, powered by Sonatype OSS Index

Nancy nancy is a tool to check for vulnerabilities in your Golang dependencies, powered by Sonatype OSS Index, and as well, works with Nexus IQ Server

Dec 22, 2022
Proto-find is a tool for researchers that lets you find client side prototype pollution vulnerability.

proto-find proto-find is a tool for researchers that lets you find client side prototype pollution vulnerability. How it works proto-find open URL in

Dec 6, 2022
Search for vulnerabilities and exposures while filtering based on age, keywords, and other parameters.
Search for vulnerabilities and exposures while filtering based on age, keywords, and other parameters.

FAV/E FAV/E (Find A Vulnerability/Exposure) utilizes the NIST CVE database search API to search for vulnerabilities and exposures while filtering base

Dec 31, 2022
Scan your pictures and videos for corruption, and sort them by EXIF or modification time

scanogram Scan your pictures and videos for corruption, and sort them by EXIF or modification time. Introduction This tool is a fast and lightweight s

Dec 2, 2022
A detector for the Trojan Source and other unicode-based vulnerabilities.

Trojan Source Detector This application detects Trojan Source attacks in source code. It can be used as part of the CI system to make sure there are n

Jan 6, 2022
Ah shhgit! Find secrets in your code. Secrets detection for your GitHub, GitLab and Bitbucket repositories: www.shhgit.com
Ah shhgit! Find secrets in your code. Secrets detection for your GitHub, GitLab and Bitbucket repositories: www.shhgit.com

shhgit helps secure forward-thinking development, operations, and security teams by finding secrets across their code before it leads to a security br

Dec 23, 2022