PortSwigger / ci-driven-scan-github-actionLinks
A github action that allows you to run a vulnerability scan.
☆12Updated last year
Alternatives and similar repositories for ci-driven-scan-github-action
Users that are interested in ci-driven-scan-github-action are comparing it to the libraries listed below
Sorting:
- Anti-Takeover is a sub domain monitoring tool for (blue/purple) team / internal security team which uses cloud flare. Currently Anti-Take…☆12Updated 4 years ago
- Obtain GraphQL API Schema even if the introspection is not enabled☆11Updated last year
- 🔗 A curated list of awesome Caido related projects☆36Updated 2 months ago
- 🕸️ Blazing fast GraphQL endpoints finder using subdomain enumeration, scripts analysis and bruteforce. 🕸️☆215Updated 2 years ago
- Konstellation is a configuration-driven CLI tool to enumerate cloud resources and store the data into Neo4j.☆21Updated last year
- A custom built DNS bruteforcer with multi-threading, and handling of bad resolvers.☆57Updated 3 years ago
- openrisk is a tool that generates a risk score based on the results of a Nuclei scan.☆169Updated 4 months ago
- Dependency Combobulator☆93Updated last year
- DustiLock is a tool to find which of your dependencies is susceptible to a Dependency Confusion attack.☆38Updated 3 years ago
- Monitoring the Cloud Landscape☆82Updated last week
- boostsecurityio/lotp☆126Updated last month
- 🌐 Visualize and explore IaC ✒️ Create and share notes in VS Code 🤝 Sync notes and findings in real-time with friends☆73Updated last year
- ☆33Updated last month
- Cloud Security Dashboard for AWS - based on ScoutSuite☆1Updated last year
- This GitHub Action sends a reverse shell from a runner via Azure Storage Account blobs☆37Updated 8 months ago
- FrogPost: postMessage Security Testing Tool☆80Updated 3 weeks ago
- Fast and passive subdomain enumeration.☆17Updated 3 years ago
- ☆36Updated 10 months ago
- Tool to automate takeover of DigitalOcean Kubernetes cluster. Check out the blog post for more info.☆16Updated 6 years ago
- ☆12Updated 6 months ago
- AssetViz simplifies the visualization of subdomains from input files, presenting them as a coherent mind map. Ideal for penetration test…☆32Updated last year
- Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts☆61Updated 2 years ago
- Target practice for ffuf☆65Updated 3 years ago
- Recon tool to query cloud prefixes for services associated with an IP address☆24Updated 8 months ago
- Common Golang Packages for use by the Various Cloud Nuke Tools☆40Updated last week
- multiple password 'asher using Python’s hashlib☆14Updated 4 years ago
- Objectify-s3 is a tool that recursively checks AWS S3 buckets and objects for misconfigured permissions.☆15Updated 10 months ago
- WAF bypass PoC☆48Updated last year
- A catalog of services that can be publicly exposed within different cloud providers.☆14Updated 9 months ago
- Burp plugin for the 1Password session protocol for use by security researchers.☆68Updated last week