From a987cb01536b77d14322f4b7de18f96166e78325 Mon Sep 17 00:00:00 2001 From: HAHWUL Date: Sun, 18 Aug 2024 19:04:46 +0900 Subject: [PATCH] feat: Add ConfusedDotnet, dependency-confusion-scanner, and depenfusion tools --- weapons/ConfusedDotnet.yaml | 9 +++++++++ weapons/dependency-confusion-scanner.yaml | 9 +++++++++ weapons/depenfusion.yaml | 9 +++++++++ 3 files changed, 27 insertions(+) create mode 100644 weapons/ConfusedDotnet.yaml create mode 100644 weapons/dependency-confusion-scanner.yaml create mode 100644 weapons/depenfusion.yaml diff --git a/weapons/ConfusedDotnet.yaml b/weapons/ConfusedDotnet.yaml new file mode 100644 index 0000000..84837e3 --- /dev/null +++ b/weapons/ConfusedDotnet.yaml @@ -0,0 +1,9 @@ +--- +name: ConfusedDotnet +description: Tool to check for dependency confusion vulnerabilities in NuGet package management systems +url: https://github.com/visma-prodsec/ConfusedDotnet +category: tool +type: Scanner +platform: [windows] +lang: C# +tags: [dependency-confusion] diff --git a/weapons/dependency-confusion-scanner.yaml b/weapons/dependency-confusion-scanner.yaml new file mode 100644 index 0000000..7ef6468 --- /dev/null +++ b/weapons/dependency-confusion-scanner.yaml @@ -0,0 +1,9 @@ +--- +name: dependency-confusion-scanner +description: This small repo is meant to scan Github's repositories for potential Dependency confusion vulnerabilities. +url: https://github.com/Yaniv-git/dependency-confusion-scanner +category: tool +type: Scanner +platform: [linux, macos, windows] +lang: Python +tags: [dependency-confusion] diff --git a/weapons/depenfusion.yaml b/weapons/depenfusion.yaml new file mode 100644 index 0000000..2ee3cd2 --- /dev/null +++ b/weapons/depenfusion.yaml @@ -0,0 +1,9 @@ +--- +name: depenfusion +description: A powerful pentesting tool for detecting and exploiting dependency confusion vulnerabilities in Node.js projects +url: https://github.com/benjamin-mauss/depenfusion +category: tool +type: Scanner +platform: [linux, macos, windows] +lang: Python +tags: [dependency-confusion]