SirAppSec / bsides-shadow-api
This repository hosts several snippets and files related to the BsidesLV 2024 talk about Shadow and Zombie APIs by me
☆18 Updated 9 months ago
Alternatives and similar repositories for bsides-shadow-api:
Users that are interested in bsides-shadow-api are comparing it to the libraries listed below
- ☆35 Updated last month
- Blogpost series showcasing interesting cloud - web app security bugs ☆47 Updated last year
- Additional active scan checks for BURP ☆27 Updated 7 months ago
- A collection of Turbo Intruder scripts. ☆59 Updated 3 months ago
- Verizon Burp Extensions: AI Suite ☆128 Updated 2 weeks ago
- ☆47 Updated 10 months ago
- HazProne is a Cloud Pentesting Framework that emulates close to Real-World Scenarios by deploying Vulnerable-By-Demand AWS resources enab… ☆39 Updated 2 years ago
- A web security research tool for DOM testing ☆20 Updated this week
- WhereToGo - is a list of popular services that might be used in organizations. By having an account of the user - you can try to find ent… ☆122 Updated 2 years ago
- POC tool to create signed AWS API GET requests to bypass Guard Duty alerting of off-instance credential use via SSRF ☆58 Updated last year
- Determine privileges from cloud credentials via brute-force testing. ☆67 Updated 8 months ago
- A tool for quickly evaluating IAM permissions in AWS. ☆57 Updated last year
- Nuclei plugins to audit Chrome extensions ☆64 Updated 9 months ago
- CoWitness is a powerful web application testing tool that enhances the accuracy and efficiency of your testing efforts. It allows you to … ☆125 Updated last year
- Encode and Fuzz Custom Protobuf Messages in Burp Suite ☆30 Updated 2 months ago
- A set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard certificate in as simple a p… ☆30 Updated 3 months ago
- A multi-cloud DNS record scanner that aims to help cybersecurity/IT analysts identify dangling CNAME records in their cloud DNS services … ☆49 Updated 2 years ago
- ☆64 Updated last week
- Prototype of Full Agentic Application Security Testing, FAAST = SAST + DAST + LLM agents ☆43 Updated last week
- Offensive Kubernetes Threat Matrix -- kubenomicon.com ☆39 Updated 3 months ago
- Enumerate AWS permissions and resources. ☆68 Updated 2 years ago
- My Offensive Security OSWA certification experience and my personal opinion on what helps in preparation for the exam ☆39 Updated last year
- A powerful AWS Cognito analysis and session hijacking toolkit designed for security researchers and penetration testers. CognitoHunter sp… ☆20 Updated 3 months ago
- Simple PoC for demonstrating Race Conditions on Websockets ☆55 Updated last year
- GCP GOAT is the vulnerable application for learning GCP Security ☆64 Updated last year
- This extension adds a search bar to the Repeater tab that can be used to highlight all repeater tabs where the request and/or response ma… ☆79 Updated last year
- moniorg is a tool that leverages the crt.sh website to monitor domains of a target ☆47 Updated 2 years ago
- Cloud subdomains identification tool ☆58 Updated 3 weeks ago
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams ☆104 Updated 3 months ago
- This tool analyzes a given Gitlab repository and searches for dangling or force-pushed commits containing potential secret or interesting… ☆47 Updated 8 months ago