ZupIT / horusec-platform

Related projects ⓘ

Alternatives and complementary repositories for horusec-platform

• ghostsecurity / waf-btk
  WAF bypass PoC
  ☆43Updated last year
• krol3 / kubernetes-security-checklist
  Awesome resources about Security in Kubernetes
  ☆40Updated last year
• Checkmarx / dustilock
  DustiLock is a tool to find which of your dependencies is susceptible to a Dependency Confusion attack.
  ☆36Updated 2 years ago
• SDA-SE / cluster-image-scanner
  Discover vulnerabilities and container image misconfiguration in production environments.
  ☆53Updated 2 months ago
• binareio / FastCVE
  FastCVE - fast, rich and API-based search for CVE and more (CPE, CWE, CAPEC)
  ☆39Updated 2 months ago
• wiz-sec-public / namespacehound
  NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.
  ☆55Updated 7 months ago
• ZupIT / horusec-engine
  Horusec analysis engine
  ☆21Updated this week
• AdnaneKhan / ActionsCacheBlasting
  Proof-of-concept code for research into GitHub Actions Cache poisoning.
  ☆21Updated 2 months ago
• lacioffi / GCP-pentest-lab
  A vulnerable environment for exploring common GCP misconfigurations and vulnerabilities
  ☆25Updated 3 months ago
• riramar / h2csmuggler-proxy
  This script just implement a proxy over h2cSmuggler so you can navigate in your browser making requests to the back-end server.
  ☆37Updated 2 years ago
• rmkanda / tools
  Curated list of security tools
  ☆61Updated 9 months ago
• hackinrio / Certifications-Guide
  ☆11Updated last year
• ne0z / DamnVulnerableMicroServices
  This is vulnerable microservice written in many language to demonstrating OWASP API Top Security Risk (under development)
  ☆42Updated last year
• smithy-security / smithy
  The security workflow engine!
  ☆73Updated this week
• projectdiscovery / nvd
  Fast, simple library in Go to fetch CVEs from the National Vulnerability Database feeds
  ☆25Updated last year
• OWASP / KubeLight
  OWASP Kubernetes security and compliance tool [WIP]
  ☆103Updated last year
• TinderSec / gh-workflow-auditor
  Script to audit GitHub Action Workflow files for potential vulnerabilities.
  ☆150Updated 2 months ago
• DigeeX / raider
  DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raider
  ☆138Updated 3 years ago
• Rezonate-io / github-oidc-checker
  Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts
  ☆57Updated last year
• apiiro / combobulator
  Dependency Combobulator
  ☆88Updated 10 months ago
• primait / nuvola
  ☆137Updated last week
• Macmod / STARS
  A multi-cloud DNS record scanner that aims to help cybersecurity/IT analysts identify dangling CNAME records in their cloud DNS services …
  ☆49Updated last year
• redhuntlabs / KubeStalk
  KubeStalk discovers Kubernetes and related infrastructure based attack surface from a black-box perspective.
  ☆166Updated last year
• raesene / CVE-2022-23648-POC
  POC for CVE-2022-23648
  ☆36Updated 2 years ago
• michalkoczwara / DevSecOps-Studio
  Virtual environment for learning DevSecOps
  ☆29Updated 6 years ago
• padok-team / cognito-scanner
  A simple script which implements different Cognito attacks such as Account Oracle or Priviledge Escalation
  ☆100Updated 8 months ago
• pasknel / epyon
  Epyon is a swiss army knife tool for pentesting DevOps ecosystems.
  ☆72Updated 5 months ago
• domain-protect / domain-protect-gcp
  Protect against subdomain takeover
  ☆92Updated 5 months ago
• CloudDefenseAI / falco_extended_rules
  Curating Falco rules with MITRE ATT&CK Matrix
  ☆74Updated 8 months ago