GitHub Security

Today I remembered that I have an old repository that had never been scanned for vulnerabilities, so I decided to look for bugs in its code.

The first step is to enable the options "Dependabot, Code Scanning, Secret Scanning." The project's code is written in PHP, so it is necessary to add PHP-aware tools, for example Psalm Security Scan, PHPMD, SonarQube and others.
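As an added example (not from the original post), this is a GitHub Actions workflow that wires one of the tools named above, Psalm Security Scan, into the repository's Code Scanning tab by uploading its SARIF output. It assumes the default branch is called `main`, that the published container image `ghcr.io/psalm/psalm-github-security-scan` is used, and that the scan writes its report to `results.sarif` in the workspace; those three details are assumptions and should be checked against the current Psalm documentation before use.

```yaml
# .github/workflows/psalm-security-scan.yml
# Added example: runs Psalm's taint analysis on every push and pull request
# and publishes the findings to GitHub Code Scanning.
name: Psalm Security Scan

on:
  push:
    branches: [ main ]        # assumption: default branch is "main"
  pull_request:
    branches: [ main ]

jobs:
  php-security:
    runs-on: ubuntu-latest
    # Least privilege: the job only needs to read the code and write
    # security-events (required for the SARIF upload step below).
    permissions:
      contents: read
      security-events: write
      actions: read

    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      # Assumption: this image is Psalm's official security-scan container.
      # Pin it to a digest (image@sha256:...) rather than a floating tag
      # so a compromised or changed image cannot silently alter the scan.
      - name: Psalm Security Scan
        uses: docker://ghcr.io/psalm/psalm-github-security-scan:latest

      # Upload the SARIF report so findings appear under
      # Security -> Code scanning alerts. Assumption: output path is results.sarif.
      - name: Upload security analysis results to GitHub
        uses: github/codeql-action/upload-sarif@v3
        with:
          sarif_file: results.sarif
```

Once the workflow runs, each Psalm taint-analysis finding (for example, user input reaching a SQL query or an echo without sanitisation) shows up as a Code Scanning alert with the source-to-sink trace, which is the same view the screenshots below come from.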

The results were as follows:

1. Malware


2. Vulnerabilities


3. Code Scanning


4. Secret Scanning



Those results are awesome, so I ran a similar test on the project "DVWA".

The results were as follows:

1. Vulnerabilities


2. Code Scanning

The process of patching is another story. That's all.


