Discover snyk-labs/rules_snyk Open Source project

An Awesome List of Log4Shell resources to help you stay informed and secure! 🔒

485

awesome-log4shell

222

exploit-workshop

A step by step workshop to exploit various vulnerabilities in Node.js and Java applications

156

java-goof

A Python client for the Snyk API.

pysnyk

Examples of integrating the Snyk CLI into a CI/CD system

snyk-cicd-integration-examples

Groovy

eslint-config-react-security

A ESLint configuration package for React developers who want to avoid security mistakes.

Best practices to containerize Node.js web applications with Docker

nodejs-docker-best-practices

Kubernetes Stranger Danger

kubernetes-goof

Shell

helm-snyk

Check images in your charts for vulnerabilities

Mitigate security concerns of Dependency Confusion supply chain security risks

snync

Scans your Github Actions for security issues

github-actions-scanner

An npm package for demonstration purposes using TypeScript to build for both the ECMAScript Module format (i.e. ESM or ES Module) and CommonJS Module format. It can be used in Node.js and browser applications.

modern-npm-package

A demo repo showcasing Snyk's Docker offering

docker-goof

Shell

nopp

Tiny helper to protect against Prototype Pollution vulnerabilities in your application regardless if they introduced in your own code or in 3rd-party code

Keeps Snyk projects in sync with their associated Github repos

snyk-scm-refresh

Snyk PHP Goof - A vulnerable PHP demo application

php-goof

PHP

eslint-plugin-react-security

ESLint plugin with rules for finding security issues in React projects.

Snyk filtering for SNYK CLI

snyk-filter

CLI tool designed to manage tags and attributes at scale

snyk-tags-tool

retrieve all dependencies for all orgs in a group

infrastructure-as-code-goof

HCL

snyk-deps-to-csv

Collection of docker entrypoints that facilitate snyk '--all-projects'-style bulk scanning

snyk-bulk

snyk-chat-goof

Tool to automate the importing of an AWS Organization in to Snyk Cloud

snyk-cloud-aws-importer

A Snyk's netlify build plugin

netlify-plugin-snyk

Docker goof version of breaking into a container

container-breaking-in-goof

sync user org memberships from an external source into Snyk

snyk-user-sync-tool

A vulnerable Serverless application deployed on GCF

serverless-gcf-goof

A Node.js client for the Snyk API

frontend-security-bingo

Frontend Security Bingo

Vue

snyk-api-client

This project is intended to serve as a proof of concept to demonstrate exploiting the vulnerability in the PDF.js (pdfjs-dist) library reported in CVE-2024-4367

pdfjs-vuln-demo

Astro

npq

safely install packages with npm or yarn by auditing them as part of your install process

serverless-spring-goof

Some basic Infrastructure-as-Code examples to accompany blogs

iac-scan-examples

HCL

snyk-cr-monitor

monitor your on-premise Artifactory container images for vulnerabilities in Snyk

This repo is to demonstrate the file traversal hack which uses a vulnerability in the Instant Markdown VSCode extension

VSCode-Instant-markdown-vuln

Hack

snyk-request-manager

Queue based request manager to throttle and retry interaction with Snyk API endpoints

ctf-101

Simple tool to generate a list of repositories that aren't in Snyk

snyk-repo-diff

Snyk API Typescript client generated from API Blueprints

snyk-api-ts-client

Export Snyk report issues to HTML

snyk-issues-to-html

HTML

snyk-issues-to-csv

node-ipc-goof

Count the number of contributing developers to an Azure Repos organization in the last 90 days

azure-repos-contributors-count

CVE-2023-50164-POC

A way to ensure your GitHub Repos are monitored by Snyk

snyk-scm-mapper

A demo repo showcasing Snyk's IAC offering for terraform

terraform-goof

HCL

snyk-threadfix

Show open source vulnerabilities from Snyk in ThreadFix

snyk-repo-issue-tracker

test and monitor bazel targets for vulnerabilities in external open source dependencies, uses bazel query output

bazel2snyk

Python scripts for bulk modification of Organization settings

snyk-bulk-action-scripts

For Snyk CLI, ignore all issues introduced through a given set of dependencies

snyk-transitive-ignore

Snyk IaC to Cloud Custom Rules is in beta. This repository contains example custom rules to help you get started.

heroku-goof

CSS

iac-to-cloud-example-custom-rules

Open Policy Agent

sbom-to-snyk-depgraph

convert cyclone dx sbom to snyk depgraph and test or monitor it for open source issues

monorepo utility wrapper for Snyk CLI

snyk-scan.sh

Shell

event-app-node-grpc

A demonstration application for building a secure API using gRPC in Node.js

A set of custom GitHub actions providing additional functionality when integrating Snyk into your Actions CI/CD pipeline.

cypress-security-vulnerability-test

actions

snyk-java-jar-test

Test Java JARs using Snyk

Apply Custom Role to a list of users in each Org of a Group

apply-custom-role

An experimental tool for working with Snyk and Kubernetes

ksnyk

snyk-migrate-to-github-app