Here are some incredible tools I have been using these last couple of months that I thought were dope!
I love Semgrep's taint mode. This is data flow analysis that tracks untrusted data from a source and follows it to wherever that data ends up being passed into a function. Example: a user enters input that goes into an eval or equivalent function.
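To make the source-to-eval flow concrete, here is a small taint-mode rule. It is an added example, not part of the original post. The rule id, the message, the choice of Flask request accessors as sources and the constructed `app.py` in the comments are all assumptions made for illustration.

```yaml
# Added example: Semgrep taint-mode rule. The id and message are made up.
rules:
  - id: example-flask-input-to-eval
    mode: taint
    languages: [python]
    severity: ERROR
    message: >-
      User-controlled request data reaches eval()/exec(). Parse the value
      with ast.literal_eval() or check it against an allowlist instead.
    pattern-sources:
      # Where untrusted data enters (assumed here: Flask request accessors).
      - pattern-either:
          - pattern: flask.request.args.get(...)
          - pattern: flask.request.form.get(...)
          - pattern: flask.request.get_json(...)
    pattern-sinks:
      # Where tainted data must never arrive.
      - pattern-either:
          - pattern: eval(...)
          - pattern: exec(...)
    pattern-sanitizers:
      # A value that has passed through int() is treated as clean.
      - pattern: int(...)

# Constructed target file (app.py) to scan with the rule:
#
#   from flask import Flask, request
#   app = Flask(__name__)
#
#   @app.route("/calc")
#   def calc():
#       expr = request.args.get("expr")   # source
#       wrapped = "(" + expr + ")"        # taint follows the concatenation
#       return str(eval(wrapped))         # sink: finding expected here
#
#   @app.route("/double")
#   def double():
#       n = int(request.args.get("n"))    # sanitizer: taint removed
#       return str(eval(f"{n} * 2"))      # no finding expected
```

Saved as `rule.yaml`, the rule runs with `semgrep --config rule.yaml app.py`. A plain `pattern: eval(...)` search rule would flag both handlers, while taint mode reports only the one where request data actually reaches the sink.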
I really dig sysdig falco. I discovered that sysdig has a command called "spy_users" where sysdig maintains a log of all commands run by the user on a given Linux machine. Pretty nifty if you want to monitor for potentially dangerous commands being invoked on the box.
KubeAudit is one of my favorite tools to audit Kubernetes clusters. A useful feature in kubeaudit is the autofix feature, where you feed kubeaudit a vulnerable Kubernetes YAML manifest and kubeaudit auto-fixes the vulnerable configs and converts them to more secure configs.
One of my favorite AWS security tools is steampipe. They have a nifty mode where you can have their collection of CIS benchmarks run against the target AWS environment. It's super convenient!
Are you staying on the bleeding edge of all things AppSec? Sharpen your AppSec skills with Advanced Application Security courses here!
help@appsecengineer.com
United States
11166 Fairfax Boulevard, 500, Fairfax, VA 22030
APAC
68 Circular Road, #02-01, 049422, Singapore