GHAST (GitHub Actions Static Analysis Tool) is a tool to analyze the security posture of your GitHub Actions and its surrounding environment for common security vulnerabilities or missing security configuration.
☆20Aug 29, 2023Updated 2 years ago
Alternatives and similar repositories for ghast
Users that are interested in ghast are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A powerful containerized tool that automatically downloads, extracts, and scans packages from PyPI and npm for embedded secrets, API keys…☆20Jul 25, 2025Updated 9 months ago
- DEFCON 33 Workshop - Open Source Malware 101 - Everything you always wanted to know about npm malware (and more)☆16Aug 8, 2025Updated 9 months ago
- ☆12Mar 9, 2026Updated 2 months ago
- CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.☆11Oct 29, 2018Updated 7 years ago
- A GitHub Action that creates a SBOM from your application so you can meet compliance and security requirements. Add this to your dev, sta…☆25Jun 7, 2023Updated 2 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- A malicious KeePass plugin to exfiltrate the master key.☆16Oct 25, 2021Updated 4 years ago
- ☆14Feb 15, 2022Updated 4 years ago
- Focused malicious code detection ruleset, with a high protection-to-noise ratio☆146Feb 24, 2025Updated last year
- Toolset for detecting reflected xss in websites☆16Oct 6, 2018Updated 7 years ago
- ☆14Apr 9, 2019Updated 7 years ago
- ☆24Mar 4, 2025Updated last year
- ☆20Apr 10, 2025Updated last year
- wp content injection mass exploit Perl Script☆12Jul 11, 2017Updated 8 years ago
- Small tool to decode ASP.NET __VIEWSTATE variable when doing webpentests☆15Feb 27, 2021Updated 5 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Jenkins Security Research or Hacking Jenkins ;)☆12Dec 10, 2024Updated last year
- Strafer: A tool to detect potential infections in Elasticsearch instances☆27Mar 14, 2021Updated 5 years ago
- Wordpress Plugin "WP Checkout" Mass exploit☆16Jun 18, 2017Updated 8 years ago
- SecureStack Application Bill of Materials (ABOM/SBOM)☆13Aug 26, 2022Updated 3 years ago
- [WIP!] a cross platfrom Go library to work with the notification area / system tray☆11Aug 15, 2019Updated 6 years ago
- Simple shell script for automated domain recognition with some tools☆20Mar 9, 2019Updated 7 years ago
- Find open databases - Powered by Binaryedge.io☆14Jan 4, 2020Updated 6 years ago
- A simple little Python script that uses Impacket to check if SMBv1 is enabled on a remote host☆16Mar 9, 2017Updated 9 years ago
- ANWI - All New Wireless IDS☆29Aug 3, 2018Updated 7 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Supply Chain Security Research - Attack Trees☆10Jan 9, 2023Updated 3 years ago
- 腾讯安全沙龙 一 二 三 期PPT集合☆19May 24, 2025Updated last year
- The Vanta Control Set maps common compliance standards from their requirements to controls and provides them in an easy to consume machin…☆20Aug 26, 2021Updated 4 years ago
- Import your WordPress blog to Write.as☆13Feb 20, 2025Updated last year
- Free open-source information gathering☆13Mar 20, 2023Updated 3 years ago
- Phone Number Gathering & OSINT Tool. Collects Phone Numbers and Performs OSINT on the Numbers. Only works on Nigerian Numbers at the mome…☆14Aug 25, 2020Updated 5 years ago
- GitHub action to generate a CycloneDX SBOM for Node.js☆22Jul 11, 2025Updated 10 months ago
- A GitHub Action that scans your public web applications for log4j vulnerabilities after every deployment. Add this to your dev, staging a…☆14Apr 9, 2022Updated 4 years ago
- Eddie Vetter - triage macOS applications for security research☆16May 24, 2021Updated 5 years ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- Yara rules written by me, for free use.☆20Nov 26, 2021Updated 4 years ago
- AWS Modernization DevSecOps Code Samples☆13Nov 30, 2020Updated 5 years ago
- Websocket based egress tester☆20Nov 23, 2016Updated 9 years ago
- 开发和运营:DevOps-Software development (Dev) and IT operations (Ops).☆12Feb 23, 2023Updated 3 years ago
- Kentico <=12.0.14 is vulnerable to a remote code execution via the SyncServer☆10Sep 28, 2020Updated 5 years ago
- This repository is for the Testing ASP.NET ViewState with YSoNet (YSoSerial.NET) workshop.☆25Dec 17, 2025Updated 5 months ago
- OWASP Foundation Web Respository☆47Dec 22, 2025Updated 5 months ago