ZupIT / horusec-platform
Horusec Platform is a set of web services that integrate with the Horusec CLI to facilitate the visualization and management of found vulnerabilities.
☆61Updated last week
Related projects ⓘ
Alternatives and complementary repositories for horusec-platform
- WAF bypass PoC☆43Updated last year
- Awesome resources about Security in Kubernetes☆40Updated last year
- DustiLock is a tool to find which of your dependencies is susceptible to a Dependency Confusion attack.☆36Updated 2 years ago
- Discover vulnerabilities and container image misconfiguration in production environments.☆53Updated 2 months ago
- FastCVE - fast, rich and API-based search for CVE and more (CPE, CWE, CAPEC)☆39Updated 2 months ago
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.☆55Updated 7 months ago
- Horusec analysis engine☆21Updated this week
- Proof-of-concept code for research into GitHub Actions Cache poisoning.☆21Updated 2 months ago
- A vulnerable environment for exploring common GCP misconfigurations and vulnerabilities☆25Updated 3 months ago
- This script just implement a proxy over h2cSmuggler so you can navigate in your browser making requests to the back-end server.☆37Updated 2 years ago
- Curated list of security tools☆61Updated 9 months ago
- ☆11Updated last year
- This is vulnerable microservice written in many language to demonstrating OWASP API Top Security Risk (under development)☆42Updated last year
- The security workflow engine!☆73Updated this week
- Fast, simple library in Go to fetch CVEs from the National Vulnerability Database feeds☆25Updated last year
- OWASP Kubernetes security and compliance tool [WIP]☆103Updated last year
- Script to audit GitHub Action Workflow files for potential vulnerabilities.☆150Updated 2 months ago
- DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raider☆138Updated 3 years ago
- Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts☆57Updated last year
- Dependency Combobulator☆88Updated 10 months ago
- ☆137Updated last week
- A multi-cloud DNS record scanner that aims to help cybersecurity/IT analysts identify dangling CNAME records in their cloud DNS services …☆49Updated last year
- KubeStalk discovers Kubernetes and related infrastructure based attack surface from a black-box perspective.☆166Updated last year
- POC for CVE-2022-23648☆36Updated 2 years ago
- Virtual environment for learning DevSecOps☆29Updated 6 years ago
- A simple script which implements different Cognito attacks such as Account Oracle or Priviledge Escalation☆100Updated 8 months ago
- Epyon is a swiss army knife tool for pentesting DevOps ecosystems.☆72Updated 5 months ago
- Protect against subdomain takeover☆92Updated 5 months ago
- Curating Falco rules with MITRE ATT&CK Matrix☆74Updated 8 months ago