PortSwigger / ci-driven-scan-github-action
A GitHub Action that allows you to run a vulnerability scan.
☆12 Updated last year
Alternatives and similar repositories for ci-driven-scan-github-action:
Users that are interested in ci-driven-scan-github-action are comparing it to the libraries listed below
- openrisk is a tool that generates a risk score based on the results of a Nuclei scan. ☆167 Updated 2 weeks ago
- An open-source collection of API key rotation tutorials. ☆63 Updated 2 months ago
- Blazing fast GraphQL discovery & fingerprinting toolbox. ☆107 Updated last year
- Anti-Takeover is a subdomain monitoring tool for (blue/purple) team / internal security team which uses Cloudflare. Currently Anti-Take… ☆12 Updated 4 years ago
- boostsecurityio/lotp ☆112 Updated this week
- A custom built DNS bruteforcer with multi-threading, and handling of bad resolvers. ☆57 Updated 2 years ago
- A simple script which implements different Cognito attacks such as Account Oracle or Privilege Escalation ☆102 Updated last year
- Monitoring the Cloud Landscape ☆78 Updated 2 months ago
- truffleproc — hunt secrets in process memory (TruffleHog & gdb mashup) ☆113 Updated last year
- WAF bypass PoC ☆46 Updated last year
- Find CVE PoCs on GitHub ☆142 Updated last year
- ☆58 Updated 4 months ago
- 🏴‍☠️ Find dead-links (broken links) ☆132 Updated this week
- Fetch the details of assets hosted on AWS. ☆86 Updated last year
- Obtain GraphQL API Schema even if the introspection is not enabled ☆11 Updated last year
- Nuclear Pond is a utility leveraging Nuclei to perform internet-wide scans for the cost of a cup of coffee. ☆175 Updated last year
- Burp Suite extension that offers a toolkit for testing GraphQL endpoints. ☆189 Updated 6 months ago
- A GraphQL enumeration and extraction tool ☆130 Updated 2 years ago
- Eliminate dangling elastic IPs by performing analysis on your resources within all your AWS accounts. ☆268 Updated 4 months ago
- Tools that check for misconfigured access to GitHub OIDC from AWS roles and GCP service accounts ☆60 Updated last year
- Curated list of security tools ☆64 Updated last year
- Konstellation is a configuration-driven CLI tool to enumerate cloud resources and store the data into Neo4j. ☆19 Updated last year
- Nuclei plugins to audit Chrome extensions ☆63 Updated 7 months ago
- This terraform provider can be used to get remote code execution by injecting a dummy resource in a writeable state file. ☆52 Updated 3 weeks ago
- swagroutes is a command-line tool that extracts and lists API routes from Swagger files in YAML or JSON format. ☆56 Updated last year
- Open a DNS server that knows no records but records every request. Used for DNS exfiltration. ☆68 Updated 3 years ago
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams ☆101 Updated 2 weeks ago
- A public cloud security knowledgebase - https://www.secwiki.cloud/ ☆51 Updated 3 months ago
- Dependency Combobulator ☆89 Updated last year
- Burp plugin for the 1Password session protocol for use by security researchers. ☆61 Updated 2 months ago