├── .github ├── CODEOWNERS └── workflows │ ├── check.yml │ ├── publish.yml │ ├── publish_to_testing.yml │ └── update.yml ├── .gitignore ├── .vscode ├── c_cpp_properties.json └── settings.json ├── Dockerfile ├── LICENSE ├── README.md ├── docs └── images │ ├── Human-Output-Example.png │ ├── SARIF-Viewer-Example.png │ ├── STACS-Logo-RGB.png │ └── STACS-Logo-RGB.small.png ├── pyproject.toml ├── setup.py ├── stacs ├── __init__.py ├── native │ └── archive │ │ └── src │ │ ├── archive.cpp │ │ ├── archiveentry.cpp │ │ ├── archiveentry.hpp │ │ ├── archivereader.cpp │ │ └── archivereader.hpp └── scan │ ├── __about__.py │ ├── __init__.py │ ├── constants.py │ ├── entrypoint │ ├── __init__.py │ └── cli.py │ ├── exceptions.py │ ├── filter │ ├── __init__.py │ └── ignore_list.py │ ├── helper.py │ ├── loader │ ├── __init__.py │ ├── archive.py │ ├── filepath.py │ ├── format │ │ ├── __init__.py │ │ ├── dmg.py │ │ └── xar.py │ └── manifest.py │ ├── model │ ├── __init__.py │ ├── finding.py │ ├── ignore_list.py │ ├── manifest.py │ └── pack.py │ ├── output │ ├── __init__.py │ ├── markdown.py │ ├── pretty.py │ └── sarif.py │ └── scanner │ ├── __init__.py │ └── rules.py ├── tests ├── __init__.py ├── fixtures │ ├── .gitignore │ ├── findings │ │ ├── 001.txt │ │ ├── 002.txt │ │ ├── 003.txt │ │ └── 004.txt │ ├── ignore_list │ │ ├── 001-simple.valid.json │ │ ├── 002-framework.valid.json │ │ ├── 002-project.valid.json │ │ └── 002-system.valid.json │ └── pack │ │ ├── 001-simple.valid.json │ │ ├── 002-cloud.valid.json │ │ ├── 002-parent.valid.json │ │ ├── 002-pki-dsa.valid.json │ │ ├── 002-pki-rsa.valid.json │ │ └── 002-pki.valid.json ├── test_filter_ignore_list.py ├── test_loader_filepath.py ├── test_model_ignore_list.py ├── test_model_pack.py ├── test_output_sarif.py └── test_scanner_rule.py └── wrapper └── stacs-scan /.github/CODEOWNERS: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/.github/CODEOWNERS -------------------------------------------------------------------------------- /.github/workflows/check.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/.github/workflows/check.yml -------------------------------------------------------------------------------- /.github/workflows/publish.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/.github/workflows/publish.yml -------------------------------------------------------------------------------- /.github/workflows/publish_to_testing.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/.github/workflows/publish_to_testing.yml -------------------------------------------------------------------------------- /.github/workflows/update.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/.github/workflows/update.yml -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/.gitignore -------------------------------------------------------------------------------- /.vscode/c_cpp_properties.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/.vscode/c_cpp_properties.json -------------------------------------------------------------------------------- /.vscode/settings.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/.vscode/settings.json -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/Dockerfile -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/LICENSE -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/README.md -------------------------------------------------------------------------------- /docs/images/Human-Output-Example.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/docs/images/Human-Output-Example.png -------------------------------------------------------------------------------- /docs/images/SARIF-Viewer-Example.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/docs/images/SARIF-Viewer-Example.png -------------------------------------------------------------------------------- /docs/images/STACS-Logo-RGB.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/docs/images/STACS-Logo-RGB.png -------------------------------------------------------------------------------- /docs/images/STACS-Logo-RGB.small.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/docs/images/STACS-Logo-RGB.small.png -------------------------------------------------------------------------------- /pyproject.toml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/pyproject.toml -------------------------------------------------------------------------------- /setup.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/setup.py -------------------------------------------------------------------------------- /stacs/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/stacs/__init__.py -------------------------------------------------------------------------------- /stacs/native/archive/src/archive.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/stacs/native/archive/src/archive.cpp -------------------------------------------------------------------------------- /stacs/native/archive/src/archiveentry.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/stacs/native/archive/src/archiveentry.cpp -------------------------------------------------------------------------------- /stacs/native/archive/src/archiveentry.hpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/stacs/native/archive/src/archiveentry.hpp -------------------------------------------------------------------------------- /stacs/native/archive/src/archivereader.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/stacs/native/archive/src/archivereader.cpp -------------------------------------------------------------------------------- /stacs/native/archive/src/archivereader.hpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/stacs/native/archive/src/archivereader.hpp -------------------------------------------------------------------------------- /stacs/scan/__about__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/stacs/scan/__about__.py -------------------------------------------------------------------------------- /stacs/scan/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/stacs/scan/__init__.py -------------------------------------------------------------------------------- /stacs/scan/constants.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/stacs/scan/constants.py -------------------------------------------------------------------------------- /stacs/scan/entrypoint/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/stacs/scan/entrypoint/__init__.py -------------------------------------------------------------------------------- /stacs/scan/entrypoint/cli.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/stacs/scan/entrypoint/cli.py -------------------------------------------------------------------------------- /stacs/scan/exceptions.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/stacs/scan/exceptions.py -------------------------------------------------------------------------------- /stacs/scan/filter/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/stacs/scan/filter/__init__.py -------------------------------------------------------------------------------- /stacs/scan/filter/ignore_list.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/stacs/scan/filter/ignore_list.py -------------------------------------------------------------------------------- /stacs/scan/helper.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/stacs/scan/helper.py -------------------------------------------------------------------------------- /stacs/scan/loader/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/stacs/scan/loader/__init__.py -------------------------------------------------------------------------------- /stacs/scan/loader/archive.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/stacs/scan/loader/archive.py -------------------------------------------------------------------------------- /stacs/scan/loader/filepath.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/stacs/scan/loader/filepath.py -------------------------------------------------------------------------------- /stacs/scan/loader/format/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/stacs/scan/loader/format/__init__.py -------------------------------------------------------------------------------- /stacs/scan/loader/format/dmg.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/stacs/scan/loader/format/dmg.py -------------------------------------------------------------------------------- /stacs/scan/loader/format/xar.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/stacs/scan/loader/format/xar.py -------------------------------------------------------------------------------- /stacs/scan/loader/manifest.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/stacs/scan/loader/manifest.py -------------------------------------------------------------------------------- /stacs/scan/model/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/stacs/scan/model/__init__.py -------------------------------------------------------------------------------- /stacs/scan/model/finding.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/stacs/scan/model/finding.py -------------------------------------------------------------------------------- /stacs/scan/model/ignore_list.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/stacs/scan/model/ignore_list.py -------------------------------------------------------------------------------- /stacs/scan/model/manifest.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/stacs/scan/model/manifest.py -------------------------------------------------------------------------------- /stacs/scan/model/pack.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/stacs/scan/model/pack.py -------------------------------------------------------------------------------- /stacs/scan/output/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/stacs/scan/output/__init__.py -------------------------------------------------------------------------------- /stacs/scan/output/markdown.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/stacs/scan/output/markdown.py -------------------------------------------------------------------------------- /stacs/scan/output/pretty.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/stacs/scan/output/pretty.py -------------------------------------------------------------------------------- /stacs/scan/output/sarif.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/stacs/scan/output/sarif.py -------------------------------------------------------------------------------- /stacs/scan/scanner/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/stacs/scan/scanner/__init__.py -------------------------------------------------------------------------------- /stacs/scan/scanner/rules.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/stacs/scan/scanner/rules.py -------------------------------------------------------------------------------- /tests/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/fixtures/.gitignore: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/fixtures/findings/001.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/tests/fixtures/findings/001.txt -------------------------------------------------------------------------------- /tests/fixtures/findings/002.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/tests/fixtures/findings/002.txt -------------------------------------------------------------------------------- /tests/fixtures/findings/003.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/tests/fixtures/findings/003.txt -------------------------------------------------------------------------------- /tests/fixtures/findings/004.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/tests/fixtures/findings/004.txt -------------------------------------------------------------------------------- /tests/fixtures/ignore_list/001-simple.valid.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/tests/fixtures/ignore_list/001-simple.valid.json -------------------------------------------------------------------------------- /tests/fixtures/ignore_list/002-framework.valid.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/tests/fixtures/ignore_list/002-framework.valid.json -------------------------------------------------------------------------------- /tests/fixtures/ignore_list/002-project.valid.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/tests/fixtures/ignore_list/002-project.valid.json -------------------------------------------------------------------------------- /tests/fixtures/ignore_list/002-system.valid.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/tests/fixtures/ignore_list/002-system.valid.json -------------------------------------------------------------------------------- /tests/fixtures/pack/001-simple.valid.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/tests/fixtures/pack/001-simple.valid.json -------------------------------------------------------------------------------- /tests/fixtures/pack/002-cloud.valid.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/tests/fixtures/pack/002-cloud.valid.json -------------------------------------------------------------------------------- /tests/fixtures/pack/002-parent.valid.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/tests/fixtures/pack/002-parent.valid.json -------------------------------------------------------------------------------- /tests/fixtures/pack/002-pki-dsa.valid.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/tests/fixtures/pack/002-pki-dsa.valid.json -------------------------------------------------------------------------------- /tests/fixtures/pack/002-pki-rsa.valid.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/tests/fixtures/pack/002-pki-rsa.valid.json -------------------------------------------------------------------------------- /tests/fixtures/pack/002-pki.valid.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/tests/fixtures/pack/002-pki.valid.json -------------------------------------------------------------------------------- /tests/test_filter_ignore_list.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/tests/test_filter_ignore_list.py -------------------------------------------------------------------------------- /tests/test_loader_filepath.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/tests/test_loader_filepath.py -------------------------------------------------------------------------------- /tests/test_model_ignore_list.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/tests/test_model_ignore_list.py -------------------------------------------------------------------------------- /tests/test_model_pack.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/tests/test_model_pack.py -------------------------------------------------------------------------------- /tests/test_output_sarif.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/tests/test_output_sarif.py -------------------------------------------------------------------------------- /tests/test_scanner_rule.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/tests/test_scanner_rule.py -------------------------------------------------------------------------------- /wrapper/stacs-scan: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stacscan/stacs/HEAD/wrapper/stacs-scan --------------------------------------------------------------------------------