Skip to content

@lunasec-io LunaSec

Change the repository type filter

All

    Repositories list

    12 repositories

    • lunasec

      Public
      LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect…
      securitycontinuous-deliverydependency-analysiscybersecuritypci-dssweb-securitycompliancescanningcve-scanningtokenization
      TypeScript
      Other
      1661.5k907Updated May 2, 2024May 2, 2024

    • vulnerable-app

      Public
      Intentionally vulnerable apps that are used to test LunaTrace.
      JavaScript
      5307Updated Mar 2, 2023Mar 2, 2023

    • damn-vulnerable-js-sca

      Public
      An intentionally vulnerable Javascript app containing notable vulnerabilities in its dependencies.
      JavaScript
      Apache License 2.0
      351911Updated Jan 26, 2023Jan 26, 2023

    • dvja

      Public
      Damn Vulnerable Java (EE) Application
      Java
      MIT License
      524000Updated Jan 5, 2023Jan 5, 2023

    • grype

      Public
      A vulnerability scanner for container images and filesystems
      Go
      Apache License 2.0
      736000Updated Dec 29, 2022Dec 29, 2022

    • cwe-sdk-javascript

      Public
      A Common Weakness Enumeration (CWE) Node.js SDK compliant with MITRE / CAPEC
      TypeScript
      Apache License 2.0
      11000Updated Nov 17, 2022Nov 17, 2022

    • cve-2022-42889-text4shell-docker

      Public
      Dockerized POC for CVE-2022-42889 Text4Shell (with LunaSec research notes)
      Java
      31100Updated Oct 20, 2022Oct 20, 2022

    • nodejs-lockfile-parser

      Public
      Generate a Snyk dependency tree from package-lock.json or yarn.lock file
      TypeScript
      Other
      29000Updated Sep 14, 2022Sep 14, 2022

    • Spring4Shell-POC

      Public
      This is a dockerized application that is vulnerable to the Spring4Shell vulnerability (CVE-2022-22965).
      vulnerable-web-appspring4shellspring4shell-poc
      Python
      23810701Updated Aug 4, 2022Aug 4, 2022

    • syft

      Public
      CLI tool and library for generating a Software Bill of Materials from container images and filesystems
      Go
      Apache License 2.0
      756100Updated Apr 27, 2022Apr 27, 2022

    • spring-rce-vulnerable-app

      Public archive
      Spring Boot web application vulnerable to Log4Shell (CVE-2021-44228) and the possible Spring RCE vulnerability.
      Java
      Apache License 2.0
      5533400Updated Mar 31, 2022Mar 31, 2022

    • yarn-plugin-workspace-lockfile

      Public
      Yarn 2 plugin to create a separate lockfile per workspace
      JavaScript
      MIT License
      12000Updated Apr 15, 2021Apr 15, 2021