Merge branch 'main' into users/yongyan-gh/hadolint
This commit is contained in:
+1
-1
@@ -30,7 +30,7 @@ jobs:
|
||||
# To automatically get bug fixes and new Ruby versions for ruby/setup-ruby,
|
||||
# change this to (see https://github.com/ruby/setup-ruby#versioning):
|
||||
# uses: ruby/setup-ruby@v1
|
||||
uses: ruby/setup-ruby@473e4d8fe5dd94ee328fdfca9f8c9c7afc9dae5e
|
||||
uses: ruby/setup-ruby@2b019609e2b0f1ea1a2bc8ca11cb82ab46ada124
|
||||
with:
|
||||
ruby-version: ${{ matrix.ruby-version }}
|
||||
bundler-cache: true # runs 'bundle install' and caches installed gems automatically
|
||||
|
||||
@@ -0,0 +1,175 @@
|
||||
# This workflow uses actions that are not certified by GitHub.
|
||||
# They are provided by a third-party and are governed by
|
||||
# separate terms of service, privacy policy, and support
|
||||
# documentation.
|
||||
#
|
||||
# Run a Nexploit Scan
|
||||
# This action runs a new security scan in Nexploit, or reruns an existing one.
|
||||
# Build Secure Apps & APIs. Fast.
|
||||
# [NeuraLegion](https://www.neuralegion.com) is a powerful dynamic application & API security testing (DAST) platform that security teams trust and developers love.
|
||||
# Automatically Tests Every Aspect of Your Apps & APIs
|
||||
# Scans any target, whether Web Apps, APIs (REST. & SOAP, GraphQL & more), Web sockets or mobile, providing actionable reports
|
||||
# Seamlessly integrates with the Tools and Workflows You Already Use
|
||||
#
|
||||
# NeuraLegion works with your existing CI/CD pipelines – trigger scans on every commit, pull request or build with unit testing.
|
||||
# Spin-Up, Configure and Control Scans with Code
|
||||
# One file. One command. One scan. No UI needed.
|
||||
#
|
||||
# Super-Fast Scans
|
||||
#
|
||||
# Interacts with applications and APIs, instead of just crawling them and guessing.
|
||||
# Scans are fast as our AI-powered engine can understand application architecture and generate sophisticated and targeted attacks.
|
||||
#
|
||||
# No False Positives
|
||||
#
|
||||
# Stop chasing ghosts and wasting time. NeuraLegion doesn’t return false positives, so you can focus on releasing code.
|
||||
#
|
||||
# Comprehensive Security Testing
|
||||
#
|
||||
# NeuraLegion tests for all common vulnerabilities, such as SQL injection, CSRF, XSS, and XXE -- as well as uncommon vulnerabilities, such as business logic vulnerabilities.
|
||||
#
|
||||
# More information is available on NeuraLegion’s:
|
||||
# * [Website](https://www.neuralegion.com/)
|
||||
# * [Knowledge base](https://docs.neuralegion.com/docs/quickstart)
|
||||
# * [YouTube channel](https://www.youtube.com/channel/UCoIC0T1pmozq3eKLsUR2uUw)
|
||||
# * [GitHub Actions](https://github.com/marketplace?query=neuralegion+)
|
||||
#
|
||||
# Inputs
|
||||
#
|
||||
# `name`
|
||||
#
|
||||
# **Required**. Scan name.
|
||||
#
|
||||
# _Example:_ `name: GitHub scan ${{ github.sha }}`
|
||||
#
|
||||
# `api_token`
|
||||
#
|
||||
# **Required**. Your Nexploit API authorization token (key). You can generate it in the **Organization** section on [nexploit.app](https://nexploit.app/login). Find more information [here](https://kb.neuralegion.com/#/guide/np-web-ui/advanced-set-up/managing-org?id=managing-organization-apicli-authentication-tokens).
|
||||
#
|
||||
# _Example:_ `api_token: ${{ secrets.NEXPLOIT_TOKEN }}`
|
||||
#
|
||||
# `restart_scan`
|
||||
#
|
||||
# **Required** when restarting an existing scan by its ID. You can get the scan ID in the Scans section on [nexploit.app](https://nexploit.app/login).<br> Please make sure to only use the necessary parameters. Otherwise, you will get a response with the parameter usage requirements.
|
||||
#
|
||||
# _Example:_ `restart_scan: ai3LG8DmVn9Rn1YeqCNRGQ)`
|
||||
#
|
||||
# `discovery_types`
|
||||
#
|
||||
# **Required**. Array of discovery types. The following types are available:
|
||||
# * `archive` - uses an uploaded HAR-file for a scan
|
||||
# * `crawler` - uses a crawler to define the attack surface for a scan
|
||||
# * `oas` - uses an uploaded OpenAPI schema for a scan <br>
|
||||
# If no discovery type is specified, `crawler` is applied by default.
|
||||
#
|
||||
# _Example:_
|
||||
#
|
||||
# ```yml
|
||||
# discovery_types: |
|
||||
# [ "crawler", "archive" ]
|
||||
# ```
|
||||
#
|
||||
# `file_id`
|
||||
#
|
||||
# **Required** if the discovery type is set to `archive` or `oas`. ID of a HAR-file or an OpenAPI schema you want to use for a scan. You can get the ID of an uploaded HAR-file or an OpenAPI schema in the **Storage** section on [nexploit.app](https://nexploit.app/login).
|
||||
#
|
||||
# _Example:_
|
||||
#
|
||||
# ```
|
||||
# FILE_ID=$(nexploit-cli archive:upload \
|
||||
# --token ${{ secrets.NEXPLOIT_TOKEN }} \
|
||||
# --discard true \
|
||||
# ./example.har)
|
||||
# ```
|
||||
#
|
||||
# `crawler_urls`
|
||||
#
|
||||
# **Required** if the discovery type is set to `crawler`. Target URLs to be used by the crawler to define the attack surface.
|
||||
#
|
||||
# _Example:_
|
||||
#
|
||||
# ```
|
||||
# crawler_urls: |
|
||||
# [ "http://vulnerable-bank.com" ]
|
||||
# ```
|
||||
#
|
||||
# `hosts_filter`
|
||||
#
|
||||
# **Required** when the the discovery type is set to `archive`. Allows selecting specific hosts for a scan.
|
||||
#
|
||||
# Outputs
|
||||
#
|
||||
# `url`
|
||||
#
|
||||
# Url of the resulting scan
|
||||
#
|
||||
# `id`
|
||||
#
|
||||
# ID of the created scan. This ID could then be used to restart the scan, or for the following GitHub actions:
|
||||
# * [Nexploit Wait for Issues](https://github.com/marketplace/actions/nexploit-wait-for-issues)
|
||||
# * [Nexploit Stop Scan](https://github.com/marketplace/actions/nexploit-stop-scan)
|
||||
#
|
||||
# Example usage
|
||||
#
|
||||
# Start a new scan with parameters
|
||||
#
|
||||
# ```yml
|
||||
# steps:
|
||||
# - name: Start Nexploit Scan
|
||||
# id: start
|
||||
# uses: NeuraLegion/run-scan@29ebd17b4fd6292ce7a238a59401668953b37fbe
|
||||
# with:
|
||||
# api_token: ${{ secrets.NEXPLOIT_TOKEN }}
|
||||
# name: GitHub scan ${{ github.sha }}
|
||||
# discovery_types: |
|
||||
# [ "crawler", "archive" ]
|
||||
# crawler_urls: |
|
||||
# [ "http://vulnerable-bank.com" ]
|
||||
# file_id: LiYknMYSdbSZbqgMaC9Sj
|
||||
# hosts_filter: |
|
||||
# [ ]
|
||||
# - name: Get the output scan url
|
||||
# run: echo "The scan was started on ${{ steps.start.outputs.url }}"
|
||||
# ```
|
||||
#
|
||||
# Restart an existing scan
|
||||
#
|
||||
# ```yml
|
||||
# steps:
|
||||
# - name: Start Nexploit Scan
|
||||
# id: start
|
||||
# uses: NeuraLegion/run-scan@29ebd17b4fd6292ce7a238a59401668953b37fbe
|
||||
# with:
|
||||
# api_token: ${{ secrets.NEXPLOIT_TOKEN }}
|
||||
# name: GitHub scan ${{ github.sha }}
|
||||
# restart_scan: ai3LG8DmVn9Rn1YeqCNRGQ
|
||||
# - name: Get the output scan url
|
||||
# run: echo "The scan was started on ${{ steps.start.outputs.url }}"
|
||||
|
||||
|
||||
name: "NeuraLegion"
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [ $default-branch, $protected-branches ]
|
||||
pull_request:
|
||||
branches: [ $default-branch ]
|
||||
schedule:
|
||||
- cron: $cron-weekly
|
||||
|
||||
jobs:
|
||||
neuralegion_scan:
|
||||
runs-on: ubuntu-18.04
|
||||
name: A job to run a Nexploit scan
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- name: Start Nexploit Scan 🏁
|
||||
id: start
|
||||
uses: NeuraLegion/run-scan@29ebd17b4fd6292ce7a238a59401668953b37fbe
|
||||
with:
|
||||
api_token: ${{ secrets.NEURALEGION_TOKEN }}
|
||||
name: GitHub scan ${{ github.sha }}
|
||||
discovery_types: |
|
||||
[ "crawler" ]
|
||||
crawler_urls: |
|
||||
[ "https://brokencrystals.com" ] # ✏️ Update this to the url you wish to scan
|
||||
@@ -0,0 +1,24 @@
|
||||
{
|
||||
"name": "NeuraLegion",
|
||||
"creator": "NeuraLegion",
|
||||
"description": "Scans any target, whether Web Apps, APIs (REST. & SOAP, GraphQL & more), Web sockets or mobile, providing actionable reports",
|
||||
"iconName": "neuralegion",
|
||||
"categories": [
|
||||
"Code Scanning",
|
||||
"C",
|
||||
"C#",
|
||||
"C++",
|
||||
"Go",
|
||||
"Java",
|
||||
"JavaScript",
|
||||
"Kotlin",
|
||||
"Objective C",
|
||||
"PHP",
|
||||
"Python",
|
||||
"Ruby",
|
||||
"Rust",
|
||||
"Scala",
|
||||
"Swift",
|
||||
"TypeScript"
|
||||
]
|
||||
}
|
||||
@@ -0,0 +1,11 @@
|
||||
{
|
||||
"name": "Sobelow",
|
||||
"creator": "nccgroup",
|
||||
"description": "Sobelow is a security-focused static analysis tool for the Phoenix framework.",
|
||||
"iconName": "sobelow",
|
||||
"categories": [
|
||||
"Code Scanning",
|
||||
"Elixir"
|
||||
]
|
||||
}
|
||||
|
||||
@@ -0,0 +1,40 @@
|
||||
# This workflow uses actions that are not certified by GitHub.
|
||||
# They are provided by a third-party and are governed by
|
||||
# separate terms of service, privacy policy, and support
|
||||
# documentation.
|
||||
#
|
||||
# Sobelow is a security-focused static analysis tool for the Phoenix framework. https://sobelow.io/
|
||||
#
|
||||
# To use this workflow, you must have GitHub Advanced Security (GHAS) enabled for your repository.
|
||||
#
|
||||
# Instructions:
|
||||
# 2. Follow the annotated workflow below and make any necessary modifications then save the workflow to your repository
|
||||
# and review the "Security" tab once the action has run.
|
||||
name: Sobelow
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [ $default-branch, $protected-branches ]
|
||||
pull_request:
|
||||
branches: [ $default-branch ]
|
||||
schedule:
|
||||
- cron: $cron-weekly
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
security-scan:
|
||||
permissions:
|
||||
contents: read # for actions/checkout to fetch code
|
||||
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- id: run-action
|
||||
uses: sobelow/action@1afd6d2cae70ae8bd900b58506f54487ed863912
|
||||
- name: Upload report
|
||||
uses: github/codeql-action/upload-sarif@v2
|
||||
with:
|
||||
sarif_file: results.sarif
|
||||
@@ -0,0 +1,57 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" id="Layer_1" data-name="Layer 1" viewBox="0 0 32 32">
|
||||
<defs>
|
||||
<style>.cls-1{fill:none;}.cls-2{fill:#00a8b7;}.cls-3{clip-path:url(#clip-path);}.cls-4{fill:#fff;}.cls-5{fill:#ee4036;}</style>
|
||||
<clipPath id="clip-path">
|
||||
<rect class="cls-1" x="2.69" y="1" width="26.62" height="30" />
|
||||
</clipPath>
|
||||
</defs>
|
||||
<title>NeuraLegion Logo</title>
|
||||
<rect class="cls-2" x="10.08" y="1.86" width="0.47" height="11.32" transform="translate(-2.29 9.54) rotate(-45.22)" />
|
||||
<rect class="cls-2" x="10.22" y="1.74" width="0.47" height="18.7" transform="translate(-4.05 6.41) rotate(-28.8)" />
|
||||
<rect class="cls-2" x="9.82" y="2.43" width="0.47" height="26.34" transform="translate(-4.99 4.72) rotate(-21.33)" />
|
||||
<rect class="cls-2" x="6.07" y="2.68" width="8.37" height="0.47" />
|
||||
<rect class="cls-2" x="5.95" y="11.82" width="8.37" height="0.47" />
|
||||
<rect class="cls-2" x="5.95" y="20.17" width="8.37" height="0.47" />
|
||||
<polygon class="cls-2" points="14.16 20.35 5.79 12.62 6.11 12.28 14.48 20.01 14.16 20.35" />
|
||||
<rect class="cls-2" x="9.9" y="19.68" width="0.47" height="11.39" transform="translate(-15.38 15.6) rotate(-47.27)" />
|
||||
<rect class="cls-2" x="4.91" y="7.41" width="11.06" height="0.47" transform="translate(-2.43 9.01) rotate(-42.26)" />
|
||||
<rect class="cls-2" x="5.02" y="16.06" width="11" height="0.47" transform="translate(-8.09 10.82) rotate(-40.75)" />
|
||||
<rect class="cls-2" x="1.74" y="11.57" width="17.39" height="0.47" transform="translate(-5.2 13.79) rotate(-55.76)" />
|
||||
<rect class="cls-2" x="16.03" y="7.3" width="11.32" height="0.47" transform="translate(0.99 17.47) rotate(-44.79)" />
|
||||
<rect class="cls-2" x="12.32" y="10.79" width="18.53" height="0.47" transform="translate(1.53 24.64) rotate(-61.23)" />
|
||||
<rect class="cls-2" x="8.78" y="15.38" width="26.34" height="0.47" transform="translate(-0.58 30.37) rotate(-68.65)" />
|
||||
<rect class="cls-2" x="17.56" y="2.7" width="8.37" height="0.47" />
|
||||
<rect class="cls-2" x="17.68" y="11.83" width="8.37" height="0.47" />
|
||||
<rect class="cls-2" x="17.68" y="20.18" width="8.37" height="0.47" />
|
||||
<rect class="cls-2" x="16.17" y="16.09" width="11.39" height="0.47" transform="translate(-5.27 19.2) rotate(-42.8)" />
|
||||
<polygon class="cls-2" points="17.84 29.43 17.52 29.09 25.89 21.36 26.2 21.7 17.84 29.43" />
|
||||
<rect class="cls-2" x="21.32" y="2.13" width="0.47" height="11.06" transform="translate(1.39 18.47) rotate(-47.75)" />
|
||||
<rect class="cls-2" x="21.25" y="10.81" width="0.47" height="11" transform="translate(-4.9 21.93) rotate(-49.23)" />
|
||||
<rect class="cls-2" x="21.15" y="2.79" width="0.47" height="17.81" transform="translate(-2.86 14.26) rotate(-34.73)" />
|
||||
<rect class="cls-2" x="4.37" y="2.82" width="0.47" height="16.94" />
|
||||
<rect class="cls-2" x="27.16" y="2.82" width="0.47" height="16.94" />
|
||||
<g class="cls-3">
|
||||
<path class="cls-4" d="M17.69,2.92A1.69,1.69,0,1,1,16,1.22a1.69,1.69,0,0,1,1.69,1.7" />
|
||||
<path class="cls-4" d="M17.69,11.66A1.69,1.69,0,1,1,16,10a1.68,1.68,0,0,1,1.69,1.69h0" />
|
||||
<path class="cls-4" d="M17.69,20.4A1.69,1.69,0,1,1,16,18.71h0a1.69,1.69,0,0,1,1.69,1.69" />
|
||||
<path class="cls-4" d="M17.69,29.08A1.69,1.69,0,1,1,16,27.39h0a1.69,1.69,0,0,1,1.69,1.69" />
|
||||
<path class="cls-5" d="M16,1.48a1.45,1.45,0,1,0,1.45,1.45A1.45,1.45,0,0,0,16,1.48m0,3.37a1.92,1.92,0,1,1,1.94-1.93A1.92,1.92,0,0,1,16,4.85h0" />
|
||||
<path class="cls-5" d="M16,10.21a1.45,1.45,0,1,0,1.45,1.45A1.45,1.45,0,0,0,16,10.21m0,3.37a1.92,1.92,0,1,1,1.94-1.92A1.92,1.92,0,0,1,16,13.58h0" />
|
||||
<path class="cls-5" d="M16,19a1.46,1.46,0,1,0,1.45,1.45A1.45,1.45,0,0,0,16,19m0,3.37a1.92,1.92,0,1,1,1.94-1.92A1.92,1.92,0,0,1,16,22.32h0" />
|
||||
<path class="cls-5" d="M16,27.63a1.45,1.45,0,1,0,1.45,1.45A1.45,1.45,0,0,0,16,27.63M16,31a1.92,1.92,0,0,1,0-3.84A1.92,1.92,0,0,1,16,31h0" />
|
||||
<path class="cls-4" d="M6.29,2.92A1.7,1.7,0,1,1,4.6,1.22a1.69,1.69,0,0,1,1.69,1.7" />
|
||||
<path class="cls-5" d="M4.61,1.48A1.45,1.45,0,1,0,6.06,2.93,1.46,1.46,0,0,0,4.61,1.48m0,3.37A1.92,1.92,0,1,1,6.53,2.93,1.92,1.92,0,0,1,4.61,4.85" />
|
||||
<path class="cls-4" d="M6.29,11.66A1.7,1.7,0,1,1,4.6,10a1.69,1.69,0,0,1,1.69,1.69h0" />
|
||||
<path class="cls-5" d="M4.61,10.21a1.45,1.45,0,1,0,1.45,1.45,1.46,1.46,0,0,0-1.45-1.45m0,3.37a1.92,1.92,0,1,1,1.92-1.92h0a1.93,1.93,0,0,1-1.92,1.92" />
|
||||
<path class="cls-4" d="M6.29,20.4A1.7,1.7,0,1,1,4.6,18.71h0A1.69,1.69,0,0,1,6.29,20.4" />
|
||||
<path class="cls-5" d="M4.61,19A1.46,1.46,0,1,0,6.06,20.4,1.46,1.46,0,0,0,4.61,19m0,3.37A1.92,1.92,0,1,1,6.53,20.4h0a1.93,1.93,0,0,1-1.92,1.92" />
|
||||
<path class="cls-4" d="M25.71,2.93A1.7,1.7,0,1,0,27.4,1.24a1.7,1.7,0,0,0-1.69,1.69" />
|
||||
<path class="cls-5" d="M27.39,1.48a1.45,1.45,0,1,0,1.46,1.45,1.45,1.45,0,0,0-1.46-1.45m0,3.37a1.92,1.92,0,1,1,1.92-1.92h0a1.92,1.92,0,0,1-1.92,1.92" />
|
||||
<path class="cls-4" d="M25.71,11.67A1.7,1.7,0,1,0,27.4,10h0a1.69,1.69,0,0,0-1.69,1.69" />
|
||||
<path class="cls-5" d="M27.39,10.22a1.46,1.46,0,1,0,1.46,1.45,1.45,1.45,0,0,0-1.46-1.45m0,3.37a1.92,1.92,0,1,1,1.92-1.92h0a1.92,1.92,0,0,1-1.92,1.92" />
|
||||
<path class="cls-4" d="M25.71,20.42a1.7,1.7,0,1,0,1.69-1.7,1.69,1.69,0,0,0-1.69,1.7" />
|
||||
<path class="cls-5" d="M27.39,19a1.45,1.45,0,1,0,1.46,1.45A1.45,1.45,0,0,0,27.39,19m0,3.36a1.92,1.92,0,1,1,1.92-1.92h0a1.92,1.92,0,0,1-1.92,1.91" />
|
||||
</g>
|
||||
</svg>
|
||||
|
||||
|
After Width: | Height: | Size: 5.3 KiB |
@@ -0,0 +1,20 @@
|
||||
<?xml version="1.0" standalone="no"?>
|
||||
<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 20010904//EN"
|
||||
"http://www.w3.org/TR/2001/REC-SVG-20010904/DTD/svg10.dtd">
|
||||
<svg version="1.0" xmlns="http://www.w3.org/2000/svg"
|
||||
width="500.000000pt" height="500.000000pt" viewBox="0 0 500.000000 500.000000"
|
||||
preserveAspectRatio="xMidYMid meet">
|
||||
|
||||
<g transform="translate(0.000000,500.000000) scale(0.100000,-0.100000)"
|
||||
fill="#000000" stroke="none">
|
||||
<path d="M430 4255 c0 -3 250 -438 555 -967 305 -528 555 -963 555 -965 0 -1
|
||||
-180 -3 -400 -3 l-400 0 0 -75 0 -75 447 -2 446 -3 431 -747 c237 -411 433
|
||||
-748 436 -747 3 0 199 336 435 747 l431 747 447 3 447 2 0 75 0 75 -400 0
|
||||
c-220 0 -400 2 -400 4 0 2 248 433 551 957 303 525 553 960 556 967 4 9 -413
|
||||
12 -2066 12 -1139 0 -2071 -2 -2071 -5z m3833 -223 c-21 -38 -252 -438 -513
|
||||
-890 l-475 -822 -775 0 -776 0 -494 857 c-272 471 -503 871 -513 890 l-17 33
|
||||
1801 0 1801 0 -39 -68z m-1087 -1878 c-10 -25 -658 -1147 -670 -1161 -8 -8
|
||||
-98 140 -343 565 -182 318 -335 585 -338 595 -7 16 29 17 675 17 629 0 682 -1
|
||||
676 -16z"/>
|
||||
</g>
|
||||
</svg>
|
||||
|
After Width: | Height: | Size: 1.0 KiB |
Reference in New Issue
Block a user