Alternatives and similar repositories for Checkmarx-Custom-Query-Rules

Users that are interested in Checkmarx-Custom-Query-Rules are comparing it to the libraries listed below

• PalindromeLabs / Java-Deserialization-CVEs
  Compiled dataset of Java deserialization CVEs
  ☆60Updated 5 years ago
• KTH-LangSec / SerialDetector
  A proof-of-concept tool for detection and exploitation Object Injection Vulnerabilities in .NET applications
  ☆63Updated 4 years ago
• Metnew / write-ups
  ☆34Updated 3 years ago
• SaneBow / redirect-fuzzer
  Fuzzing script for redirect URL validator
  ☆53Updated 5 years ago
• 0ang3el / Unsafe-JAX-RS-Burp
  Burp Suite extension for JAX-RS
  ☆65Updated 8 years ago
• advanced-security / custom-codeql-bundle
  An example repository that demonstrates how the build custom CodeQL bundles that include query customizations through the `Customizations…
  ☆25Updated 3 years ago
• JLLeitschuh / lgtm_hack_scripts
  Collection of python helper API's for interacting with LGTM.com in ways the official API doesn't support.
  ☆24Updated 3 years ago
• Contrast-Security-OSS / joogle
  A static analysis API for finding deserialization attack gadgets
  ☆38Updated 3 years ago
• EdoardoVignati / java-deserialization-of-untrusted-data-poc
  Some PoC (Proof-of-Concept) about vulnerability of java deserialization of untrusted data
  ☆26Updated 4 years ago
• detectify / Varnish-H2-Request-Smuggling
  ☆56Updated 4 years ago
• wrvenkat / burp-multistep-csrf-poc
  Burp extension to generate multi-step CSRF POC.
  ☆31Updated 6 years ago
• parsiya / Parsia-Clone
  Clone me and get your own authentic Parsia-Clone today.
  ☆46Updated last week
• gand3lf / semgrepper
  An extension to use Semgrep inside Burp Suite.
  ☆89Updated 7 months ago
• cxai / Checkmarx-PowerTools
  A collection of various scripts and automations to simplify Checkmarx SAST and IAST setup and use
  ☆14Updated 7 years ago
• irsl / jackson-rce-via-spel
  An example project that exploits the default typing issue in Jackson-databind via Spring application contexts and expressions
  ☆124Updated 8 years ago
• PortSwigger / nginx-alias-traversal
  Burp extension to detect alias traversal via NGINX misconfiguration at scale.
  ☆54Updated 4 years ago
• andresriancho / websocket-fuzzer
  HTML5 WebSocket message fuzzer
  ☆148Updated 7 years ago
• PortSwigger / freddy-deserialization-bug-finder
  ☆43Updated 5 years ago
• SafeBreach-Labs / HRS
  ☆51Updated 5 years ago
• kiranreddyrebel / PostMessage_Fuzz_Tool
  #BugBounty #BugBounty Tools #WebDeveloper Tool
  ☆38Updated 8 months ago
• cnotin / RazorVulnerableApp
  DO NOT USE: this is a vulnerable ASP.NET web app using Razor templating engine. The vulnerability is a Server-Side Template Injection (SS…
  ☆28Updated 5 years ago
• georlav / objectmap
  A Simple command line tool that helps checking web applications to identify insecure deserialization vulnerabilities.
  ☆24Updated 6 years ago
• aurainfosec / xss_payloads
  XSS payloads for edge cases
  ☆34Updated 7 years ago
• augustd / burp-suite-software-version-checks
  Burp extension to passively scan for applications revealing software version numbers
  ☆33Updated last year
• synopsys-sig / ATOR-Burp
  ☆87Updated last year
• elespike / burp-cph
  Custom Parameter Handler extension for Burp Suite.
  ☆44Updated 4 years ago
• jangelesg / py3webfuzz
  A Python3 module to assist in fuzzing web applications
  ☆57Updated 2 years ago
• random-robbie / ssrf-finder
  Pass list of urls with FUZZ in and it will check if it has found a potential SSRF.
  ☆112Updated 3 years ago
• modzero / interestingFileScanner
  Burp extension
  ☆58Updated 7 years ago
• arbazkiraak / web-cache-deception-checker
  Tool is to check for Cache Deception Attack Both For Authenticated and UnAuthenticated Pages
  ☆44Updated 4 years ago