bin3xish477 / ghast
GHAST (GitHub Actions Static Analysis Tool) is a tool to analyze the security posture of your GitHub Actions and its surrounding environment for common security vulnerabilities or missing security configuration.
☆16Updated last year
Related projects ⓘ
Alternatives and complementary repositories for ghast
- ☆36Updated 6 months ago
- Virtual Security Operations Center☆49Updated last year
- An LLM and OCR based Indicator of Compromise Extraction Tool☆30Updated 7 months ago
- ☆58Updated last year
- POC tool to create signed AWS API GET requests to bypass Guard Duty alerting of off-instance credential use via SSRF☆58Updated last year
- This tool analyzes a given Gitlab repository and searches for dangling or force-pushed commits containing potential secret or interesting…☆39Updated 2 months ago
- ☆40Updated 5 months ago
- Blogpost series showcasing interesting cloud - web app security bugs☆46Updated last year
- Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.☆39Updated 11 months ago
- A PoC to Simulate Ransomware Attack on AWS Environment☆26Updated last month
- AWS SSO serverless phishing API.☆29Updated 3 years ago
- HazProne is a Cloud Pentesting Framework that emulates close to Real-World Scenarios by deploying Vulnerable-By-Demand AWS resources enab…☆39Updated 2 years ago
- InfoSec OpenAI Examples☆19Updated 11 months ago
- GCP GOAT is the vulnerable application for learn the GCP Security☆62Updated last year
- CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.☆27Updated 2 years ago
- A public cloud security knowledgebase - https://www.secwiki.cloud/☆49Updated 8 months ago
- ☆110Updated last year
- ☆55Updated last year
- ☆25Updated 3 years ago
- This repository hosts several snippets and file related to the BsidesLV 2024 talk about Shadow and Zombie APIs by me☆17Updated 3 months ago
- This repository provides a comprehensive collection of Pulumi scenarios utilized by cnappgoat☆18Updated last month
- ☆13Updated last year
- Offensive Terraform module which creates Kali Linux from the AWS marketplace and installs cloud security tools (Pacu, Cloudsplaining, Sco…☆18Updated 4 years ago
- 🖇️ STRIDE vs. ASVS equivalence table☆75Updated 2 months ago
- Appsecco training course content on Attacking and Auditing Dockers Containers and Kubernetes Clusters☆13Updated 4 years ago
- GCP cloud security CTF☆41Updated 8 months ago
- Enriching the NVD CVSS scores to include Temporal & Threat Metrics☆61Updated this week
- ☆18Updated 2 years ago
- 📚A curated list of product security resources.☆18Updated 2 years ago