CVE-2019-3462

Published: 28/01/2019 Updated: 07/11/2023
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.1 | Impact Score: 5.9 | Exploitability Score: 2.2
VMScore: 831
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

Incorrect sanitization of the 302 redirect field in the HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine.
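To make the summary concrete: apt does not speak HTTP itself; it launches a download helper ("method", e.g. /usr/lib/apt/methods/http) and talks to it over a line-oriented text protocol of "NNN Status" lines plus "Field: value" headers terminated by a blank line. When the method follows a 302, it reports the new target back to apt in a "103 Redirect" message. Because the redirect target was copied into that message without rejecting line breaks, a man-in-the-middle who controls the Location header could terminate the message early and append a forged "201 URI Done" carrying a file name of their choosing together with the checksums apt expects from the signed index. The model below is an added example written for this page, not apt's source: the message names follow apt's method protocol, but the parser, the field handling, the package URL, the hash values and the "evil.deb" path are all constructed here, and the HTTP layer through which the newlines actually reached the method is not modelled.

```python
"""Simplified model of the CVE-2019-3462 injection and its fix (added example).

Two pieces are modelled:
  * the method side: how the redirect target is written into the protocol stream,
    once unchecked (vulnerable) and once rejecting control characters (fixed);
  * the apt side: a consumer that accepts the first "201 URI Done" whose reported
    hash matches the hash it expects from the signed Packages index.
Everything below (URLs, hashes, paths) is constructed for the demonstration.
"""
import hashlib


def format_redirect(orig_uri: str, new_uri: str) -> str:
    """Build a '103 Redirect' message as apt's method protocol would."""
    return f"103 Redirect\nURI: {orig_uri}\nNew-URI: {new_uri}\n\n"


def method_redirect_vulnerable(orig_uri: str, location: str) -> str:
    """Vulnerable behaviour: the Location value is copied verbatim into the stream."""
    return format_redirect(orig_uri, location)


def method_redirect_fixed(orig_uri: str, location: str) -> str:
    """Hardened behaviour: a redirect target that could break the line protocol is refused."""
    if any(ord(c) < 0x20 or ord(c) == 0x7F for c in location):
        return (f"400 URI Failure\nURI: {orig_uri}\n"
                "Message: Rejected redirect target containing control characters\n\n")
    return format_redirect(orig_uri, location)


def parse_messages(stream: str):
    """Split a method-protocol stream into (status_code, {field: value}) tuples."""
    messages = []
    for block in stream.split("\n\n"):
        lines = [line for line in block.split("\n") if line]
        if not lines:
            continue
        code = int(lines[0].split(" ", 1)[0])
        fields = {}
        for line in lines[1:]:
            key, _, value = line.partition(": ")
            fields[key] = value
        messages.append((code, fields))
    return messages


def apt_consume(stream: str, orig_uri: str, expected_sha256: str):
    """Model of the apt side: return the file apt would hand to dpkg, or None.

    Like the real consumer, it trusts the hash *reported* by the method and only
    compares it with the value from the signed index.
    """
    for code, fields in parse_messages(stream):
        if (code == 201 and fields.get("URI") == orig_uri
                and fields.get("SHA256-Hash") == expected_sha256):
            return fields.get("Filename")
    return None


# --- constructed scenario -----------------------------------------------------
ORIG_URI = "http://deb.example.org/pool/main/h/hello/hello_2.10-1_amd64.deb"
# Hash apt expects for the genuine package (constructed, stands in for the index entry).
LEGIT_SHA256 = hashlib.sha256(b"genuine hello package bytes (constructed)").hexdigest()
EVIL_FILE = "/var/cache/apt/archives/partial/evil.deb"  # hypothetical attacker-placed file

# Attacker-controlled redirect target: a harmless-looking URL, then a line break and a
# forged "201 URI Done" that points apt at EVIL_FILE while reporting the legitimate hash.
MALICIOUS_LOCATION = (
    "http://mirror.example.org/ignored.deb\n\n"
    "201 URI Done\n"
    f"URI: {ORIG_URI}\n"
    f"Filename: {EVIL_FILE}\n"
    f"SHA256-Hash: {LEGIT_SHA256}\n"
)


def run_vulnerable():
    """Unsanitized method: apt accepts the injected message and installs EVIL_FILE."""
    stream = method_redirect_vulnerable(ORIG_URI, MALICIOUS_LOCATION)
    return apt_consume(stream, ORIG_URI, LEGIT_SHA256)


def run_fixed():
    """Sanitizing method: the redirect is refused, no '201 URI Done' ever reaches apt."""
    stream = method_redirect_fixed(ORIG_URI, MALICIOUS_LOCATION)
    return apt_consume(stream, ORIG_URI, LEGIT_SHA256)


if __name__ == "__main__":
    print("vulnerable method -> apt would install:", run_vulnerable())
    print("fixed method      -> apt would install:", run_fixed())
```

The model makes the practitioner's point visible: the signed index is never forged, apt simply believes a hash that the attacker wrote into the stream. That is also why the advisory-era workaround was to stop the method from following redirects at all while fetching the fix, i.e. running `apt -o Acquire::http::AllowRedirect=false update` followed by `apt -o Acquire::http::AllowRedirect=false upgrade`, and why a vulnerable apt should not be trusted to upgrade itself over an untrusted network with redirects enabled.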

Vulnerable Products

debian advanced package tool

canonical ubuntu linux 16.04

canonical ubuntu linux 14.04

canonical ubuntu linux 12.04

canonical ubuntu linux 18.04

canonical ubuntu linux 18.10

debian debian linux 8.0

debian debian linux 9.0

netapp element software

netapp active iq

Vendor Advisories

An attacker could trick APT into installing altered packages ...

Github Repositories

Clone of Azure/container-scan

Container Scan: this action is a clone with modifications of the Azure Container Scan GitHub action. It can be used to add some additional checks that help you secure your Docker images in your CI, giving you some confidence in a Docker image before pushing it to your container registry or a deployment. It internally uses Trivy for running ce

Cyber security project

APT-GET-Vulnerability-exploit. Motivation: the repository contains code that attempts to launch a man-in-the-middle attack on apt/apt-get. * Advanced Package Tool, or APT, can be described as a free software user interface that works with core libraries to handle functionality such as installing and removing software on Debian and Linux distributions such as Ubuntu. * It

Tufin Labs - GitHub Action for Docker Vulnerability Scanning. This GitHub Action scans a Docker image for vulnerabilities using Tufin SecureCloud. Setup: sign up to SecureCloud. In the SecureCloud console, go to the Kubernetes/Settings/General view and copy two tokens: the token with Scope=agent and Label=kite, and the token with Scope=all and Label=CI. Add the following se

IBM-Cloud-Vulnerability-Advisor- under construction 🔨. Objectives: the objectives of the tutorial are to understand the main features of IBM Cloud Container Registry and Vulnerability Advisor, and to use the features of these services to create a workflow. Services used: this tutorial uses the following IBM Cloud services: Registro de con

[ARCHIVE] To analyze samples downloaded over insecure channel and secure channels

TL;DR: all issues discussed here ARE a result of caching servers that served older versions of software over insecure protocols and channels. Shady downloads and redirections: to analyze samples downloaded over insecure channels and secure channels from Sudanese ISPs. [Update] November 2019: turns out there is a dedicated website called why does apt not use https dot com, yes

Retrieve package digests

About: Digestlookup retrieves digests from various package repository metadata. The downloaded metadata is PGP-verified before it's parsed. Additionally, connections to repository mirrors are pinned by their TLS/SSL keys in order to mitigate the impact of bugs like CVE-2016-1252 and CVE-2019-3462. The currently supported repositories are APT (Debian, Ubuntu, et al.) and Po

Check @Debian and @ubuntu #GNU / #Linux for CVE-2019-3462 in APT

Playbook update APT package because CVE-2019-3462

Recent Articles

Heads up: Debian's package manager is APT for root-level malware injection... Fix out now to thwart MITM hijacks
The Register • Shaun Nichols in San Francisco • 22 Jan 2019

Disable redirects before applying update

The Debian Project has patched a security flaw in its software manager Apt that can be exploited by network snoops to execute commands as root on victims' boxes as they update or install packages. The Linux distro's curators have pushed out a fix to address CVE-2019-3462, a vulnerability uncovered and reported by researcher Max Justicz. The flaw is related to the way Apt and apt-get handle HTTP redirects when downloading packages. Apt fetches packages over plain old HTTP, rather than a more sec...