$ docker pull owasp/zap2docker-weekly
$ docker run -t owasp/zap2docker-weekly zap-baseline.py -t https://bugzilla.mozilla.org
NIN: Bandit is a tool designed to find common security issues in Python code.
$ bandit -r ~/src/github.com/Kinto/Kinto
Security Group Testing for AWS
NIN: This is a prototype to assert the content of security groups between AWS components. It only supports ELB, EC2 and RDS at the moment. Doesn't do any egress inspection and doesn't flag overly open groups. Basically, it's not ready for production, I'm just toying with the concept.
$ go get github.com/jvehent/pineapple
$ pineapple -c example/invoicer.yaml
$ go get github.com/mozilla/tls-observatory/tlsobs
$ tlsobs -targetlevel intermediate addons.mozilla.org
// or docker
$ docker pull mozilla/tls-observatory
$ docker run -it mozilla/tls-observatory tlsobs accounts.firefox.com