Sec1
ProductsBook A DemoContact Us
  • Sec1 Documentation
  • Quick Start
    • Login to Sec1
    • Your First Scan
    • View Results
  • Integration with Sec1
    • Registration & Login
      • Login with GITHub
      • New Registration
      • Forgot Password
      • Team Administration
    • Scan
    • Dashboard
    • Auto Fix
    • Integration with Sec1 CLI
      • Sec1 CLI (Command Line Interface) Overview
        • Config
        • Scan
        • Search
    • Integration with CI/CD
      • Jenkins Integration
      • Github Actions
      • Azure DevOps Extension for Sec1 Security
      • Azure DevOps Extension for Sec1 Container Image Scanner
      • GCP Code Build
      • Gitlab CI/CD Component
      • Integration with CircleCI Using the Sec1 Orb
      • Teamcity Plugin
    • How to Get Your API Key
  • External Integrations
    • GITHub Integration
    • Azure SCM Integration
    • Notifications
    • Generate Sec1 API Token
  • Static Application Security Testing
    • SAST Java Rules
      • GIT Leaks
      • Leakage of Information in Logger Message
      • Leakage of sensitive data in cookie
      • Leakage of sensitive data in exception message
      • Leakage of sensitive data to Airbrake
      • Leakage of sensitive data to Algolia
      • Leakage of Sensitive Data to Bugsnag
      • Leakage of Sensitive Data to ClickHouse
      • Leakage of Sensitive Data to Datadog
      • Leakage of Sensitive Data to ElasticSearch
      • Leakage of Sensitive Data to New Relic
      • Leakage of Sensitive Data to OpenTelemetry
      • Leakage of Sensitive Data to RollBar
      • Leakage of Sensitive Data to Sentry
      • Leakage of Sensitive Information in Exception Messages
      • Leakage of sensitive information in logger message
      • Missing authentication for database
      • Missing database password detected
      • Missing HTTP Only Option in Cookie Configuration
      • Missing Optimal Asymmetric Encryption Padding (OAEP)
      • Missing or Permissive SSL Hostname Verifier
      • Missing Protection against Session Fixation Attacks
      • Missing Secure option in cookie configuration
      • Missing signature verification of JWT
      • Missing SSL host check in SMTP
      • Missing Support for Integrity Check
      • Missing TLS validation
      • Observable Timing Discrepancy
      • Permissive Access-Control-Allow-Origin configuration
      • Permissive context mode for resources
      • Permissive cookie configuration
      • Permissive HTTP Only option in cookie configuration
      • Permissive Screenshot option set
      • Possible CLRF injection detected
      • Possible expression language (EL) injection detected
      • Possible HTTP Parameter Pollution detected
      • Unsanitized external input in SQL query
      • Unsanitized use of FileUpload filename
      • Unsanitized user input in 'eval' type function
      • Unsanitized user input in Access-Control-Allow-Origin
      • Unsanitized user input in AWS query
      • Unsanitized user input in code generation
      • Unsanitized user input in deserialization method
      • Unsanitized User Input in File Path Traversal
      • Unsanitized User Input in File Path
      • Unsanitized user input in format string detected
      • Unsanitized user input in HTTP request (SSRF)
      • Unsanitized user input in HTTP response (XSS)
      • Unsanitized user input in LDAP request
      • Unsanitized user input in logger message
      • Unsanitized User Input in OS Command
      • Unsanitized User Input in Output Stream (XSS)
      • Unsanitized User input in Redirect
      • Unsanitized User Input in Regular Expression
      • Unsanitized user input in SQL catalog configuration
      • Unsanitized user input in XML External Entity
      • Unsanitized User Input in XPath
      • Usage of bad hex conversion on digest array
      • Usage of CBC (Cipher Block Chaining) Mode with Padding
      • Usage of custom Digest class
      • Usage of dangerous permissions
      • Usage of ECB Cipher Mode
      • Usage of External Input in Code Reflection
      • Usage of hard-coded database password
      • Usage of hard-coded secret
      • Usage of insufficient random value
      • Usage of naive Socket class to create SSL Socket
      • Usage of permissive file permission ('other')
      • Usage of small key size with Blowfish encryption
      • Usage of Trusted and Untrusted Data inside the same Data Structure
      • Usage of vulnerable Apache Commons Collections InvokeTransformer class
      • Usage of weak encryption algorithm (DES)
      • Usage of Weak Hashing Library on a Password (SHA-1)
      • Usage of Weak Hashing library (MD5)
    • SAST JavaScript Rules
      • Leakage of hard-coded secret in JWT
      • Leakage of information in logger message
      • Leakage of sensitive data in dynamic file generation
      • Leakage of sensitive data in exception message
      • Leakage of sensitive data in JWT
      • Leakage of sensitive data in local storage
      • Leakage of sensitive data to Airbrake
      • Leakage of sensitive data to Algolia
      • Leakage of sensitive data to Bugsnag
      • Leakage of sensitive data to Datadog RUM
      • Leakage of sensitive data to Datadog
      • Leakage of sensitive data to ElasticSearch
      • Leakage of sensitive data to Google Analytics (React)
      • Leakage of sensitive data to Google Analytics
      • Leakage of sensitive data to Google Tag Manager
      • Leakage of sensitive data to HoneyBadger
      • Leakage of sensitive data to New Relic
      • Leakage of sensitive data to OpenTelemetry
      • Leakage of sensitive data to OpenAI
      • Leakage of sensitive data to RollBar
      • Leakage of sensitive data to Segment
      • Leakage of sensitive data to Sentry
      • Leakage of sensitive information in logger message
      • Missing Access Restriction on Directory Listing
      • Missing escape of HTML entities in Handlebars template compilation
      • Missing Helmet configuration on HTTP headers
      • Leakage of Sensitive Information in Exception Messages
      • Missing origin check in message handler
      • Missing Revoke Method on JWT
      • Missing Secure HTTP server Configuration
      • Missing Secure option in Cookie Configuration
      • Missing Server Configuration to reduce Server Fingerprinting
      • Missing TLS validation
      • Observable Timing Discrepancy
      • Permissive file assignment
      • Permissive origin in postMessage
      • Unsanitized dynamic input in file path traversal
      • Unsanitized dynamic input in file path
      • Unsanitized Dynamic input in OS Command
      • Unsanitized dynamic input in regular expression
      • Unsanitized input in NoSQL query
      • Unsanitized user input in 'eval' type function
      • Unsanitized user input in React inner HTML method (XSS)
      • Unsanitized user input in Access-Control-Allow-Origin
      • Unsanitized user input in deserialization method
      • Unsanitized user input in deserialization method
      • Unsanitized user input in dynamic HTML insertion (XSS)
      • Unsanitized user input in DynamoDB query
      • Unsanitized User Input in File Path Traversal
      • Unsanitized user input in format string
      • Unsanitized user input in HTTP request (SSRF)
      • Unsanitized user input in HTTP request (SSRF)
      • Unsanitized user input in HTTP response (XSS)
      • Unsanitized User input in HTTP Send file request
      • Unsanitized User input in OS command
      • Unsanitized user input in raw HTML strings (XSS)
      • Unsanitized User input in Redirect HAPI
      • Unsanitized user input in redirect
      • Unsanitized User input in Redirect
      • Unsanitized user input in regular expression
      • Unsanitized User Input in Resource Rendering
      • Unsanitized input in SQL query
      • Unsanitized User Input in UI
      • Unsanitized user input in XML parsing method
      • Usage of default Cookie Configuration
      • Usage of Default Session Cookie Configuration
      • Usage of externally controlled input to select code
      • Usage of hard-coded Passport Secret
      • Usage of hard-coded secret
      • Usage of Hard-Coded Secret
      • Usage of insecure HTTP connection
      • Usage of insecure websocket connection
      • Usage of insufficient random value
      • Usage of manual HTML sanitization (XSS)
      • Usage of Session on Static Asset (CSRF)
      • Usage of vulnerable DOMPurify package
      • Usage of vulnerable marked package
      • Usage of weak encryption algorithm (DES)
      • Usage of weak encryption algorithm on a password (DES)
      • Usage of weak encryption algorithm on a password (RC4)
      • Usage of weak encryption algorithm (RC4)
      • Usage of weak hashing library (MD5)
      • Usage of weak hashing library on a password (Argon2)
      • Usage of weak hashing library on a password (MD5)
      • Usage of weak hashing library on a password (SHA-1)
      • Usage of weak hashing library (SHA-1)
  • SBOM Scanner
    • Config
    • Scan
  • CISO Console
  • Pricing & Billing
  • CVE API
Powered by GitBook
On this page
  1. Integration with Sec1
  2. Registration & Login

Login with GITHub

Initiating Login with GitHub

To proceed, select the "Login with GitHub" option. This action will redirect you to the Sec1 dashboard after logging in with GITHub, granting access to its suite of tools and resources.

PreviousRegistration & LoginNextNew Registration

Last updated 9 months ago