A working repository of custom script integrations for veracode

Created by Justin Bukstel (@justinbukstel). Inspired by the work done by Brian Pitta (@brian1917)

Author: Ricardo | Fork of Veracode-tags-tests repo Ricardo created

Veracode Script | SBOM Generator for Agent Based Scans with terminal based user interface

Author: Thomas Saekao - @tsaekao | Some helpful scripts for Veracode - Fork to maintain

A shell wrapper to semi-automate the veracode fix workflow

Veracode fix demo script

Author: Jin Mok (@m4ckdaddy) | Veracode Pipeline scan via the pipeline scan rest endpoint. This script was created with the intention to remove the 200 mb file size limit caused by the limitation in the file chunking that occurs in the wrapper.

Retrieves findings with APPROVED mitigations from an application's policy scan (or sandbox) and creates a baseline file for Pipeline Scan. Mitigations in a "proposed" state will not be retrieved.

An installer tool to install veracode tools in your enviornemnt

Veracode Database Look Up Tool to query the Veracode Vulnerability Database

Copies mitigations from one Veracode profile to another if it's the same flaw based on the following flaw attributes: issueid, cweid, type, sourcefile, and line. The script will copy all proposed and accepted mitigations for the flaw. The script will skip a flaw in the copy_to build if it already has an accepted mitigation.