Alternatives and similar repositories for GHAST:

Users that are interested in GHAST are comparing it to the libraries listed below

• nccgroup / RFC-Security-Research
  Paper, data and code from Investigating Potential Security Vulnerability Manifestation through Various Analyses & Inferences Regarding In…
  ☆19Updated 4 years ago
• abhisek / supply-chain-security-gateway
  Reference architecture and proof of concept implementation for supply chain security gateway
  ☆23Updated 2 years ago
• AdnaneKhan / ActionsCacheBlasting
  Proof-of-concept code for research into GitHub Actions Cache poisoning.
  ☆22Updated last month
• akabe1 / akabe1-semgrep-rules
  My collection of Semgrep rules for vulnerability detection on source code (swift, java)
  ☆34Updated last year
• usnistgov / vulntology
  Development of the NIST vulnerability data ontology (Vulntology).
  ☆39Updated this week
• nccgroup / insject
  insject is a tool for poking at containers. It enables you to run an arbitrary command in a container or any mix of Linux namespaces.
  ☆50Updated 3 years ago
• AnubisSec / GroovyWaiter
  ☆17Updated 2 years ago
• wspr-ncsu / mininode
  Mininode is a CLI tool to reduce the attack surface of the Node.js applications by using static analysis.
  ☆21Updated 2 years ago
• kerberosmansour / InfoSecOpenAIExamples
  InfoSec OpenAI Examples
  ☆19Updated last year
• purs3lab / Argus
  ☆44Updated 9 months ago
• 5stars217 / malicious_models
  using ML models for red teaming
  ☆43Updated last year
• anvilsecure / hominoid
  Proof of concept for an anti-phishing browser plugin, working by comparing pages screenshots with perceptual hashing algorithms.
  ☆11Updated 3 years ago
• s0rcy / semgrep-rules
  Collection of Semgrep rules for security analysis
  ☆10Updated last year
• stacscan / stacs
  Static Token And Credential Scanner
  ☆96Updated last year
• ajinabraham / package_scan
  PoC: Python package static and dynamic analysis to detect environment variable stealing
  ☆10Updated 4 years ago
• SonarSource / argument-injection-vectors
  A curated list of argument injection vectors
  ☆40Updated 2 months ago
• AvalZ / RevOK
  An HTTP Response fuzzer to find Vulnerabilities in Security Scanners
  ☆26Updated 10 months ago
• omerlh / zap-operator
  ☆21Updated 5 years ago
• ossf / security-reviews
  A community collection of security reviews of open source software components.
  ☆93Updated last year
• darryk10 / CVE-2021-25735
  Exploit CVE-2021-25735: Kubernetes Validating Admission Webhook Bypass
  ☆18Updated 4 years ago
• N0MoreSecr3ts / wraith-signatures
  Signatures for wraith used to detect secrets across various sources
  ☆15Updated 2 years ago
• BishopFox / awsservicemap
  Go module that returns supported regions for a service or supported services for a region
  ☆17Updated 10 months ago
• silentsignal / SemGWT
  Semgrep rules to identify GWT attack surface
  ☆11Updated 2 years ago
• post-cyberlabs / CVE-Advisory
  Publishing advisories for CVEs found by POST Cyberforce
  ☆13Updated 3 months ago
• georlav / objectmap
  A Simple command line tool that helps checking web applications to identify insecure deserialization vulnerabilities.
  ☆24Updated 5 years ago
• OTARIS / FirmwareCheck
  Automated dynamic security analysis by emulation of IoT firmware images in CI-pipelines.
  ☆11Updated 3 years ago
• binareio / FastCVE
  FastCVE - fast, rich and API-based search for CVE and more (CPE, CWE, CAPEC)
  ☆49Updated last week
• elttam / rsu-cracker
  ☆32Updated 2 years ago
• trufflesecurity / WhoAmISlack
  Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.
  ☆40Updated last year
• Damian89 / extended-baserequest-importer
  Scan and import relevant requests directly to burp!
  ☆9Updated 5 years ago