Fix Lockfile Integrity
Fix Lockfile Integrity is a tool that reverts all sha1 integrity back to sha512 in lock files, supporting both package-lock.json and npm-shrinkwrap.json, working with lockfile versions 1 & 2, and can be configured to work on multiple paths for monorepo support. It only fixes packages from the npm registry by default, but this can be changed via a configuration file. The tool can be installed globally with 'npm install -g fix-lockfile-integrity' or run with npx, and usage involves checking a local folder for a lockfile and fixing any sha1 in it.
FEATURES
ALTERNATIVES
A set of instructions for the Dalvik virtual machine to manipulate registers and values in Android applications.
Directory containing components to build labs for Chapter 29 with setup instructions and VM information.
A CTF platform inspired by motherfuckingwebsite.com, emphasizing simplicity and lightweight features.
Vim syntax-highlighting plugin for YARA rules with support up to v4.3.
Script to check for artifacts with the same name between repositories to prevent Dependency Confusion Attacks.
Security awareness training platform that uses gamification to deliver short cybersecurity education modules to employees while tracking their progress and compliance.
A CLI tool for securely generating keys, passwords, and providing credentials without files, primarily for building secure BOSH deployments using Vault and Spruce.
Protect against Prototype Pollution vulnerabilities in your application by freezing JavaScript objects.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
Kriptos
An AI-driven data classification and governance platform that automatically discovers, analyzes, and labels sensitive information while providing risk management and compliance capabilities.
System Two Security
An AI-powered platform that automates threat hunting and analysis by processing cyber threat intelligence and generating customized hunt packages for SOC teams.
Aikido Security
Aikido is an all-in-one security platform that combines multiple security scanning and management functions for cloud-native applications and infrastructure.
Permiso
Permiso is an Identity Threat Detection and Response platform that provides comprehensive visibility and protection for identities across multiple cloud environments.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.