Hecate - Vulnerability management platform and SCA

⁨7⁩ ⁨likes⁩

Submitted ⁨⁨1⁩ ⁨week⁩ ago⁩ by ⁨0x3e4@feddit.org⁩ to ⁨cybersecurity@infosec.pub⁩

https://hecate.pw/

ive been working on a side project called hecate (foss) and looking for some people to give it a try and give some feedback.

its basically a local vuln db + SCA tool aimed at sec admins and devs:

vuln info collection + api access
SCA scans for repos and containers
AI part is fully opt-in/out (so nothing touches ai if you dont want it)

its based on a prototype i built for my research thesis so still some rough edges… but the core works.

demo: hecate.pw -> system page & AI pages are locked on the demo site
selfhost: github.com/0x3e4/hecate

any feedback is welcome… especially from people doing vuln mgmt, container scanning or dependency review day to day… thanks in advance!

Comments

Sort:hotnew top

tuxec@infosec.pub ⁨1⁩ ⁨week⁩ ago
This looks very good! I’ll definitely try it. Do you plan to maintain, extend it?

source
- 0x3e4@feddit.org ⁨1⁩ ⁨week⁩ ago
  thanks and yes definitely… not so sure about the tempo but i already work with hecate at my company (automate vuln info, SCA for repo scans,…)
  
  source
nixfreak@sopuli.xyz ⁨1⁩ ⁨week⁩ ago
It’s cool, just wish you could query strings and or regex.

source
- 0x3e4@feddit.org ⁨1⁩ ⁨week⁩ ago
  noted! regex will be included in future releases because its actually another good alternative… thanks! regarding query strings -> already works with dql
  
  source
M33@piefed.world ⁨1⁩ ⁨week⁩ ago
Hello there

I will look into that thanks for this projet

source