Contrast-Security-OSS / Burptrast
Burp Plugin for Contrast Security
☆17Updated last year
Related projects: ⓘ
- Semgrep rules corresponding to the OWASP ASVS standard☆27Updated 3 years ago
- A step-by-step walkthrough of CloudGoat 2.0 scenarios.☆132Updated 4 years ago
- GCP GOAT is the vulnerable application for learn the GCP Security☆61Updated 11 months ago
- The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters☆60Updated last year
- Orchestron is an Application Vulnerability Management and Correlation Tool.Orchestron helps you solve one key problem "Find and fix vulne…☆31Updated last year
- 🖇️ STRIDE vs. ASVS equivalence table☆74Updated 3 weeks ago
- POC tool to create signed AWS API GET requests to bypass Guard Duty alerting of off-instance credential use via SSRF☆57Updated last year
- InfoSec OpenAI Examples☆19Updated 9 months ago
- Presentations, training modules, and other education materials from Duo Security's Application Security team.☆69Updated 3 years ago
- This repo gives an overview of some GCP metadata API attack and defend patterns☆76Updated 4 years ago
- ☆60Updated last year
- Bento Toolkit is a minimal fedora-based container for penetration tests and CTF with the sweet addition of GUI applications.☆75Updated 3 years ago
- Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.☆74Updated 2 years ago
- ☆133Updated last year
- Corsair_scan is a security tool to test Cross-Origin Resource Sharing (CORS).☆122Updated last year
- Scans Slack for API tokens, credentials, passwords, and more using YARA rules☆37Updated 3 years ago
- Docs: Vulnerability management aggregation of AppSec & OpSec (Tools Listing)☆30Updated last year
- A list of "secrets" from JWT sample code and readme files.☆51Updated 3 years ago
- MetaSec.js combines all the free open-source security tools to identify issues with JavaScript and automates the boring parts☆77Updated last year
- Security checks for http headers and cookies☆24Updated 3 years ago
- Scripts and tools for AWS Pentest☆51Updated 3 years ago
- ☆108Updated last year
- Virtual Security Operations Center☆49Updated last year
- ☆90Updated 2 years ago
- AWS Security Checks☆36Updated 6 years ago
- The Pixi module is a MEAN Stack web app with wildly insecure APIs!☆110Updated last year
- The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters☆95Updated 9 months ago
- Offensive Terraform module which creates EC2 instance and reverse shell from an EC2 instance to attacker machine.☆17Updated 4 years ago
- Custom scripts for the PIPER Burp extensions.☆97Updated 11 months ago
- ☆58Updated last year