ntscx

How to Install SonarQube Using Docker

Introduction: SonarQube is an open-source platform for continuous inspection of code quality. It provides detailed reports on bugs, code smells, and security vulnerabilities in your codebase. In this guide, we’ll show you how to install SonarQube using Docker. Prerequisites. Step-by-Step Installation: This command will download the latest SonarQube Docker image and run it as a daemon….

OWASP Top 10 attack vectors, risks, and tools explained

What’s OWASP, briefly: OWASP stands for Open Web Application Security Project, a non-profit organization focused on web application security standards, tools, and methodologies. The OWASP Top 10, in turn, is a list of the ten major and widespread security risks of web applications (whether backend or frontend). OWASP is a registered trademark of the OWASP Foundation…

Top-5 handy lerna flags for your monorepo

--scope <package_name | name_pattern>: This filter limits command execution to the packages that meet the condition. For example: Wait, what is this lerna? Lerna is a monorepo tool that keeps all your packages at hand. It significantly simplifies your git and versioning routine. Read more about lerna. --ignore <package_name | name_pattern>: This one…

5 stages of penetration testing explained

Active and passive reconnaissance. Passive reconnaissance: Passive reconnaissance doesn’t involve using actual pentesting utilities, but rather is an analysis of what the organization looks like from within. A good start is to google as much information as you can about the target. You can search for job openings, financial reports, office photos. Especially useful information…
