Cumulus is a service that helps you monitor and fix security weakness in realtime. The issues will be reported on web dashboard. It’s very simple and powerful.
Key features
Just install SDK to web front, can be found security weakness on service
Name | Origin | Description |
---|---|---|
XSS | SDK | When user input a xss pattern string, trigger detection of XSS |
SQLInjection | SDK | When user input a sqlinjection pattern, trigger detection of SQLInjection |
Sensitive Payload | SDK | When requesting with sensitive payload. for example, unencoded raw password |
File Upload | SDK | When user embed any file worried for system. for example, web shell |
Unnecessary Comment | Scanner | Code comments are on the served HTML or JS |
Directory Traversal | Scanner | Detect directory listing vulnerability |
Guessing | Scanner | Detect sensitive page like admin |
Unobfuscated Code | Scanner | Detect unobfuscated vulnerable codes |
If you think about able to detect additional weakness, please contribute on SDK or Scanner
The official Cumulus SDK for JavaScript, providing as npm
Note: current version is unsupported version on typescript project but we considering now and gonna make it, quickly! (#2)
To install a SDK, simply add package like belows:
npm install –save https://github.com/tophat-cloud/cumulus
yarn add https://github.com/tophat-cloud/cumulus
Setup and usage of SDK always follow the same principle.
import { protect, captureMessage } from ‘cumulus’;
protect({
key: ‘key’,
});
captureMessage(‘Hello, world!’);
If you haven’t __key__
, please sign-up and create project to get to key
Cybersecurity tools play a critical role in safeguarding digital assets, systems, and networks from malicious…
MODeflattener is a specialized tool designed to reverse OLLVM's control flow flattening obfuscation through static…
"My Awesome List" is a curated collection of tools, libraries, and resources spanning various domains…
CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, allowed attackers to execute arbitrary…
The blog post "Chrome Browser Exploitation, Part 1: Introduction to V8 and JavaScript Internals" provides…
The exploitation of CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, relies on…