Verdict-as-a-Service SDKs: Analyze files for malicious content

Related tags

Security tools security malware malware-analysis it-security malware-detection
Overview

Verdict-as-a-Service

Verdict-as-a-Service (VaaS) is a service that provides a platform for scanning files for malware and other threats. It allows easy integration in your application. With a few lines of code, you can start scanning files for malware.

ATTENTION: All SDKs are currently prototypes and under heavy construction!

Integration of Malware Detection

Easily integrate malware detection into any kind of application, service or platform.

Create a command line scanner to find malware with a few lines of code: Example GScan command line malware scanner

Create a KDE Dolphin plugin to scan for malicious content with a few lines of code: Example KDE Dolphin malware scanner plugin

I'm interested in VaaS

You need credentials to use the service in your application. If your are interested in using VaaS, please contact us.

SDKs

At the moment SDKs for Rust, Java, Typescript and PHP are available.

Functionality Rust Java PHP TypeScript
Check SHA256
Check SHA256 list
Check file
Check file list

Documentation

Documentation for the SDKs is available in the corresponding SDK folder.

Planned SDKs

The following SDKs are planned but not yet available: Swift and Perl. If you need SDKs for other languages, please create an issue or contribute an SDK with a pull request.

Comments
  • Zero-byte file throws HTTP 403

    Zero-byte file throws HTTP 403 "Content Length not set"

    Reproduce:

    Try to check a zero byte (empty) file with VaaS Rust SDK. Instead of the expected clean verdict, the following is returned:

    ERROR gdata_cloud_scanner::error: Failed to scan files: Server answered with status code: `400 Bad Request` `{"message":"Bad request: Content-Length not set"}`

    Not sure, if the error is Rust specific, but we should add a test-case for all SDKs, which test the empty file case.

    bug 
    opened by secana 5
  • Larger uploads fail - error handling not possible (status undefined)

    Larger uploads fail - error handling not possible (status undefined)

    Uploading a larger file (>10MB) leads to an error - root cause unknown, but error shows the following:

    /usr/src/app/node_modules/gdata-vaas/lib/vaas.js:191
                    reject(new Error(`Upload failed with ${error.response.status} - Error ${error.response.data.message}`));
                                                                          ^

TypeError: Cannot read properties of undefined (reading 'status')
    at /usr/src/app/node_modules/gdata-vaas/lib/vaas.js:191:75
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)

Node.js v18.8.0

    I can reliably reproduce this issue for files larger than 10 MB (smaller files work fine). The error cannot be caught in a try/catch block due to 'status' being undefined. Please let me know if you need more info.

    Code snippet attached (as screenshot) - error appears using the forFile method.

    image

    bug TypeScript 
    opened by unbekanntes-pferd 3
  • Add examples for UrlScan

    Add examples for UrlScan

    Besides the regular example for FileScan, there should be also examples for UrlScans for each SDKs.

    Check if done:

    • [x] TypeScript
    • [x] PHP
    • [x] .NET
    • [x] Rust
    • [x] Python
    • [x] Java
    • [x] Javascript
    TypeScript PHP DotNet Rust Python Java 
    opened by doxthree 2
  • Bump minimatch from 3.0.4 to 3.1.2 in /typescript

    Bump minimatch from 3.0.4 to 3.1.2 in /typescript

    Bumps minimatch from 3.0.4 to 3.1.2.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 1
  • Update protocol documentation for URL submission

    Update protocol documentation for URL submission

    Update the protocol to reflect the needed changes to submit a URL instead of an hash or file: https://github.com/GDATASoftwareAG/vaas/blob/main/protocol/Protocol.md

    documentation enhancement 
    opened by secana 1
  • Move composer-Files to make php package installable

    Move composer-Files to make php package installable

    See if you want to adopt it that way or prefer another solution. But:

    If you want the PHP people to be able to install/clone the SDK directly from the repo using the composer PackageManager, then the composer.json file must be in the root of the repository. Otherwise composer will not be able to find the package. There is unfortunately no way to tell composer to look in a subdirectory of a repository.

    Additional Notes: If you also want to make the package publicly available, you can publish it via https://packagist.org/. (Only the github-repo will be linked).

    opened by dr-bock 1
  • Bump guzzlehttp/guzzle from 7.4.1 to 7.4.3 in /php/src/vaas

    Bump guzzlehttp/guzzle from 7.4.1 to 7.4.3 in /php/src/vaas

    Bumps guzzlehttp/guzzle from 7.4.1 to 7.4.3.

    Release notes

    Sourced from guzzlehttp/guzzle's releases.

    Release 7.4.3

    See change log for changes.

    Release 7.4.2

    See change log for changes.

    Changelog

    Sourced from guzzlehttp/guzzle's changelog.

    7.4.3 - 2022-05-25

    • Fix cross-domain cookie leakage

    7.4.2 - 2022-03-20

    Fixed

    • Remove curl auth on cross-domain redirects to align with the Authorization HTTP header
    • Reject non-HTTP schemes in StreamHandler
    • Set a default ssl.peer_name context in StreamHandler to allow force_ip_resolve
    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies PHP 
    opened by dependabot[bot] 1
  • Bump guzzlehttp/guzzle from 7.4.1 to 7.4.3 in /php/tests/vaas

    Bump guzzlehttp/guzzle from 7.4.1 to 7.4.3 in /php/tests/vaas

    Bumps guzzlehttp/guzzle from 7.4.1 to 7.4.3.

    Release notes

    Sourced from guzzlehttp/guzzle's releases.

    Release 7.4.3

    See change log for changes.

    Release 7.4.2

    See change log for changes.

    Changelog

    Sourced from guzzlehttp/guzzle's changelog.

    7.4.3 - 2022-05-25

    • Fix cross-domain cookie leakage

    7.4.2 - 2022-03-20

    Fixed

    • Remove curl auth on cross-domain redirects to align with the Authorization HTTP header
    • Reject non-HTTP schemes in StreamHandler
    • Set a default ssl.peer_name context in StreamHandler to allow force_ip_resolve
    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies PHP 
    opened by dependabot[bot] 1
  • Bump guzzlehttp/guzzle from 7.4.1 to 7.4.3 in /php/examples/wordpress/src/gd-scan

    Bump guzzlehttp/guzzle from 7.4.1 to 7.4.3 in /php/examples/wordpress/src/gd-scan

    Bumps guzzlehttp/guzzle from 7.4.1 to 7.4.3.

    Release notes

    Sourced from guzzlehttp/guzzle's releases.

    Release 7.4.3

    See change log for changes.

    Release 7.4.2

    See change log for changes.

    Changelog

    Sourced from guzzlehttp/guzzle's changelog.

    7.4.3 - 2022-05-25

    • Fix cross-domain cookie leakage

    7.4.2 - 2022-03-20

    Fixed

    • Remove curl auth on cross-domain redirects to align with the Authorization HTTP header
    • Reject non-HTTP schemes in StreamHandler
    • Set a default ssl.peer_name context in StreamHandler to allow force_ip_resolve
    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies PHP 
    opened by dependabot[bot] 1
  • Bump guzzlehttp/guzzle from 7.4.1 to 7.4.3 in /php/examples/php/SimpleExamples

    Bump guzzlehttp/guzzle from 7.4.1 to 7.4.3 in /php/examples/php/SimpleExamples

    Bumps guzzlehttp/guzzle from 7.4.1 to 7.4.3.

    Release notes

    Sourced from guzzlehttp/guzzle's releases.

    Release 7.4.3

    See change log for changes.

    Release 7.4.2

    See change log for changes.

    Changelog

    Sourced from guzzlehttp/guzzle's changelog.

    7.4.3 - 2022-05-25

    • Fix cross-domain cookie leakage

    7.4.2 - 2022-03-20

    Fixed

    • Remove curl auth on cross-domain redirects to align with the Authorization HTTP header
    • Reject non-HTTP schemes in StreamHandler
    • Set a default ssl.peer_name context in StreamHandler to allow force_ip_resolve
    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies PHP 
    opened by dependabot[bot] 1
  • switch from draw.io to mermaid

    switch from draw.io to mermaid

    Github support Mermaid.js (https://mermaid-js.github.io/mermaid/#/) since a few days. It allows the generation of graphs directly in markdown instead the current approach where a draw.io project has to be exported to a svg.

    This PR removes all draw.io diagrams and replaces them with inline mermaid markdown.

    opened by secana 1
  • Add function to get a verdict for multiple URL

    Add function to get a verdict for multiple URL

    Add a function to each SDK that allow to check for files behind multiple URLs, similar to the file upload API.

    Implement the functionality for:

    • [ ] .NET
    • [ ] Java
    • [ ] PHP
    • [ ] Python
    • [ ] Rust
    • [ ] TypeScript
    enhancement TypeScript PHP DotNet Rust Python Java 
    opened by secana 0
  • Add configurable timeout for Request against TokenEndpoint

    Add configurable timeout for Request against TokenEndpoint

    When getting a token from a configurable or default token endpoint, a timeout can occur. In the most cases, the timeout varies in each SDK. Also, the timeout should be configurable, since customers can also use their own token endpoint.

    Check if done:

    • [ ] TypeScript
    • [ ] PHP
    • [ ] .NET
    • [ ] Rust
    • [ ] Python
    • [ ] Java
    • [ ] Javascript
    enhancement TypeScript PHP DotNet Rust Python Java 
    opened by doxthree 1
  • UseShed & UseCache Flags

    UseShed & UseCache Flags

    In the VerdictRequest protocol you can specify two optional flags: use_shed & use_cache

    These are debug flags and should be documented and provided as example in all SDKs.

    documentation TypeScript PHP DotNet Rust Python Java 
    opened by doxthree 3
Releases(rs2.0.4)

  • rs2.0.4(Nov 22, 2022)

    What's Changed

    • add url scan examples by @doxthree in https://github.com/GDATASoftwareAG/vaas/pull/151

    Full Changelog: https://github.com/GDATASoftwareAG/vaas/compare/rs2.0.3...rs2.0.4

    Source code(tar.gz)
    Source code(zip)

  • rs2.0.3(Nov 16, 2022)

  • ts4.0.2(Nov 15, 2022)

    What's Changed

    • 134 update protocol documentation for url submission by @doxthree in https://github.com/GDATASoftwareAG/vaas/pull/149

    Full Changelog: https://github.com/GDATASoftwareAG/vaas/compare/ts4.0.1...ts4.0.2

    Source code(tar.gz)
    Source code(zip)

  • ts4.0.1(Nov 15, 2022)

  • rs2.0.2(Nov 15, 2022)

    What's Changed

    • 134 update protocol documentation for url submission by @doxthree in https://github.com/GDATASoftwareAG/vaas/pull/149

    Full Changelog: https://github.com/GDATASoftwareAG/vaas/compare/rs2.0.1...rs2.0.2

    Source code(tar.gz)
    Source code(zip)

  • rs2.0.1(Nov 15, 2022)

    What's Changed

    • run example from pipeline by @unglaublicherdude in https://github.com/GDATASoftwareAG/vaas/pull/148

    Full Changelog: https://github.com/GDATASoftwareAG/vaas/compare/rs2.0.0...rs2.0.1

    Source code(tar.gz)
    Source code(zip)

  • py2.0.3(Nov 15, 2022)

    What's Changed

    • 134 update protocol documentation for url submission by @doxthree in https://github.com/GDATASoftwareAG/vaas/pull/149

    Full Changelog: https://github.com/GDATASoftwareAG/vaas/compare/py2.0.2...py2.0.3

    Source code(tar.gz)
    Source code(zip)

  • py2.0.2(Nov 15, 2022)

  • php2.0.2(Nov 15, 2022)

    What's Changed

    • 134 update protocol documentation for url submission by @doxthree in https://github.com/GDATASoftwareAG/vaas/pull/149

    Full Changelog: https://github.com/GDATASoftwareAG/vaas/compare/php2.0.1...php2.0.2

    Source code(tar.gz)
    Source code(zip)

  • php2.0.1(Nov 15, 2022)

  • java3.0.1(Nov 15, 2022)

  • cs3.0.3(Nov 15, 2022)

  • cs3.0.2(Nov 15, 2022)

    What's Changed

    • 134 update protocol documentation for url submission by @doxthree in https://github.com/GDATASoftwareAG/vaas/pull/149

    Full Changelog: https://github.com/GDATASoftwareAG/vaas/compare/cs3.0.1...cs3.0.2

    Source code(tar.gz)
    Source code(zip)

  • cs3.0.1(Nov 15, 2022)

  • rs2.0.0(Nov 14, 2022)

    What's Changed

    • add for_url for rust by @doxthree in https://github.com/GDATASoftwareAG/vaas/pull/142

    Full Changelog: https://github.com/GDATASoftwareAG/vaas/compare/ts4.0.0...rs2.0.0

    Source code(tar.gz)
    Source code(zip)

  • ts4.0.0(Nov 11, 2022)

    What's Changed

    • Typescript/add function to scan via submitted url by @doxthree in https://github.com/GDATASoftwareAG/vaas/pull/139

    Full Changelog: https://github.com/GDATASoftwareAG/vaas/compare/php2.0.0...ts4.0.0

    Source code(tar.gz)
    Source code(zip)

  • php2.0.0(Nov 11, 2022)

    What's Changed

    • Add ForUrl for php by @doxthree in https://github.com/GDATASoftwareAG/vaas/pull/141

    Full Changelog: https://github.com/GDATASoftwareAG/vaas/compare/cs3.0.0...php2.0.0

    Source code(tar.gz)
    Source code(zip)

  • java3.0.0(Nov 11, 2022)

    What's Changed

    • add forUrl for scan by @doxthree in https://github.com/GDATASoftwareAG/vaas/pull/138

    Full Changelog: https://github.com/GDATASoftwareAG/vaas/compare/py2.0.1...java3.0.0

    Source code(tar.gz)
    Source code(zip)

  • cs3.0.0(Nov 11, 2022)

    What's Changed

    • add forUrl for scan by @doxthree in https://github.com/GDATASoftwareAG/vaas/pull/140

    Full Changelog: https://github.com/GDATASoftwareAG/vaas/compare/java3.0.0...cs3.0.0

    Source code(tar.gz)
    Source code(zip)

  • py2.0.1(Nov 10, 2022)

  • py2.0.0(Nov 10, 2022)

    What's Changed

    • Python/get verdict for url by @unglaublicherdude in https://github.com/GDATASoftwareAG/vaas/pull/133

    Full Changelog: https://github.com/GDATASoftwareAG/vaas/compare/cs2.0.0...py2.0.0

    Source code(tar.gz)
    Source code(zip)

  • ts3.0.0(Oct 19, 2022)

    What's Changed

    • return sha256 along with the verdict by @unglaublicherdude in https://github.com/GDATASoftwareAG/vaas/pull/118

    Full Changelog: https://github.com/GDATASoftwareAG/vaas/compare/ts2.4.1...ts3.0.0

    Source code(tar.gz)
    Source code(zip)

  • rs1.0.1(Oct 19, 2022)

  • rs1.0.0(Oct 19, 2022)

    What's Changed

    • return sha256 along with the verdict by @unglaublicherdude in https://github.com/GDATASoftwareAG/vaas/pull/118

    Full Changelog: https://github.com/GDATASoftwareAG/vaas/compare/py0.6.2...rs1.0.0

    Source code(tar.gz)
    Source code(zip)

  • py1.0.0(Oct 19, 2022)

    What's Changed

    • return sha256 along with the verdict by @unglaublicherdude in https://github.com/GDATASoftwareAG/vaas/pull/118

    Full Changelog: https://github.com/GDATASoftwareAG/vaas/compare/py0.6.2...py1.0.0

    Source code(tar.gz)
    Source code(zip)

  • php1.0.0(Oct 19, 2022)

    What's Changed

    • return sha256 along with the verdict by @unglaublicherdude in https://github.com/GDATASoftwareAG/vaas/pull/118

    Full Changelog: https://github.com/GDATASoftwareAG/vaas/compare/py0.6.2...php1.0.0

    Source code(tar.gz)
    Source code(zip)

  • java2.0.0(Oct 19, 2022)

    What's Changed

    • return sha256 along with the verdict by @unglaublicherdude in https://github.com/GDATASoftwareAG/vaas/pull/118

    Full Changelog: https://github.com/GDATASoftwareAG/vaas/compare/py0.6.2...java2.0.0

    Source code(tar.gz)
    Source code(zip)

  • cs2.0.0(Oct 19, 2022)

    What's Changed

    • return sha256 along with the verdict by @unglaublicherdude in https://github.com/GDATASoftwareAG/vaas/pull/118

    Full Changelog: https://github.com/GDATASoftwareAG/vaas/compare/cs1.1.0...cs2.0.0

    Source code(tar.gz)
    Source code(zip)

  • py0.6.2(Oct 18, 2022)

  • py0.6.1(Oct 18, 2022)

Owner
G DATA CyberDefense AG
Open source by G DATA CyberDefense AG
G DATA CyberDefense AG
GitHub
A fast, simple, recursive content discovery tool written in Rust.

A simple, fast, recursive content discovery tool written in Rust ?? Releases ✨ Example Usage ✨ Contributing ✨ Documentation ?? ?? What the heck is a f

epi 3.6k Dec 30, 2022
Multi-threaded Padding Oracle attacks against any service. Written in Rust.

rustpad is a multi-threaded successor to the classic padbuster, written in Rust. It abuses a Padding Oracle vulnerability to decrypt any cypher text or encrypt arbitrary plain text without knowing the encryption key!

Kibouo 76 Dec 16, 2022
A self-hosted Fuzzing-As-A-Service platform

OneFuzz A self-hosted Fuzzing-As-A-Service platform Project OneFuzz enables continuous developer-driven fuzzing to proactively harden software prior t

Microsoft 2.6k Jan 8, 2023
Rslide - A web service that allows you to move through multiple html pages in the browser like a slide, even without focusing on the app console or the browser. Currently only supports Windows.

rslide rslide is a web service that allows you to move through multiple html pages in the browser like a slide, even without focusing on the app conso

Jason Dongheng Lee 3 Jan 1, 2022
Checks your files for existence of Unicode BIDI characters which can be misused for supply chain attacks. See CVE-2021-42574

BIDI Character Detector This tool checks your files for existence of Unicode BIDI characters which can be misused for supply chain attacks to mitigate

null 5 Aug 26, 2022
Audit Cargo.lock files for dependencies with security vulnerabilities

RustSec Crates ?? ??️ ?? The RustSec Advisory Database is a repository of security advisories filed against Rust crates published via crates.io. The a

RustSec 1.2k Jan 5, 2023
A tiny program that locates and extracts public save files from Windows to your local directory!

Save Game Extractor | Download Save Game Extractor is a tool that automatically locates and copies save files for Windows games in public directories.

popcar2 6 Dec 23, 2021
Cyg will help you to secure files in your repository directly using PGP encryption

cyg: Secure files in your repository Cyg will help you to secure files in your repository directly using PGP encryption. The name "cyg" was inspired b

Hisam Fahri 2 Aug 31, 2022
🕵️‍♀️ Find, locate, and query files for ops and security experts ⚡️⚡️⚡️

Recon Find, locate, and query files for ops and security experts Key Features • How To Use • Download • Contributing • License Key Features Query with

Rusty Ferris Club 11 Dec 16, 2022
Easy c̵̰͠r̵̛̠ö̴̪s̶̩̒s̵̭̀-t̶̲͝h̶̯̚r̵̺͐e̷̖̽ḁ̴̍d̶̖̔ ȓ̵͙ė̶͎ḟ̴͙e̸̖͛r̶̖͗ë̶̱́ṉ̵̒ĉ̷̥e̷͚̍ s̷̹͌h̷̲̉a̵̭͋r̷̫̊ḭ̵̊n̷̬͂g̵̦̃ f̶̻̊ơ̵̜ṟ̸̈́ R̵̞̋ù̵̺s̷̖̅ţ̸͗!̸̼͋

Rust S̵̓i̸̓n̵̉ I̴n̴f̶e̸r̵n̷a̴l mutability! Howdy, friendly Rust developer! Ever had a value get m̵̯̅ð̶͊v̴̮̾ê̴̼͘d away right under your nose just when

null 294 Dec 23, 2022
A Rust library for evaluating log4j substitution queries in order to determine whether or not malicious queries may exist.

log4j_interpreter A Rust library for evaluating log4j substitution queries in order to determine whether or not malicious queries may exist. Limitatio

Fastly 22 Nov 7, 2022
Socket Monitor: A prettier and simpler alternative to netstat or ss for socket monitoring with the ability to scan for malicious IP addresses.

?? Somo A prettier alternative to netstat or ss for socket monitoring. ⬇️ Installation: 1. Install cargo: From crates.io. 2. Install the somo crate: c

Theodor Peifer 13 Jun 6, 2023
Core Temporal SDK that can be used as a base for language specific Temporal SDKs

Core SDK that can be used as a base for all other Temporal SDKs. Getting started See the Architecture doc for some high-level information. This repo u

temporal.io 136 Dec 21, 2022
Signing HTTP requests without heavy SDKs

reqsign   Signing API requests without effort. Most API is simple. But they could be complicated when they are hidden from complex abstraction. reqsig

Xuanwo 34 Dec 16, 2022
Continuous runtime observablity SDKs to monitor WebAssembly code.

Observe Observe is an observability SDK for WebAssembly. At the moment we support wasmtime hosts and we output opentelemetry data to stdout. We plan t

Dylibso 4 Jun 8, 2023
The fastest way to identify any mysterious text or analyze strings from a file, just ask `lemmeknow` !

The fastest way to identify anything lemmeknow ⚡ Identify any mysterious text or analyze strings from a file, just ask lemmeknow. lemmeknow can be use

Swanand Mulay 594 Dec 30, 2022
A guide for Mozilla's developers and data scientists to analyze and interpret the data gathered by our data collection systems.

Mozilla Data Documentation This documentation was written to help Mozillians analyze and interpret data collected by our products, such as Firefox and

Mozilla 75 Dec 1, 2022
A Rust-based tool to analyze an application's heap.

Heap analysis tool for Rust Heap analysis is a pure-Rust implementation to track memory allocations on the heap. Usage Heap analysis provides a custom

Moritz Hoffmann 8 May 9, 2022
Library and proc macro to analyze memory usage of data structures in rust.

Allocative: memory profiler for Rust This crate implements a lightweight memory profiler which allows object traversal and memory size introspection.

Meta Experimental 19 Jan 6, 2023
Like jq, but for HTML. Uses CSS selectors to extract bits content from HTML files.

Like jq, but for HTML. Uses CSS selectors to extract bits content from HTML files. Mozilla's MDN has a good reference for CSS selector syntax.

Michael Maclean 6.3k Jan 3, 2023