chebuya / sastsweep
Automatically detect potential vulnerabilities and analyze repository metrics to prioritize open source security research targets
☆154Updated this week
Related projects ⓘ
Alternatives and complementary repositories for sastsweep
- SignSaboteur is a Burp Suite extension for editing, signing, verifying various signed web tokens☆138Updated last month
- FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application a…☆155Updated last week
- Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive files☆196Updated last month
- Search for sensitive data in Postman public library.☆186Updated 3 months ago
- A Powerful Network Reconnaissance Tool for Security Professionals☆95Updated 3 months ago
- Check subdomains for subdomain takeovers and other DNS tomfoolery☆99Updated this week
- Control Your Infrastructure, Scale Your Scanning—On Your Terms. Easily distribute arbitrary binaries and scripts using any of our eight s…☆235Updated this week
- Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @Webbi…☆207Updated 2 months ago
- Nuclei plugins to audit Chrome extensions☆64Updated 3 months ago
- Certainly is a offensive security toolkit to capture large amounts of traffic in various network protocols in bitflip and typosquat scena…☆131Updated 2 months ago
- A blazing-fast, thread-safe, straightforward and zero memory allocations tool to swiftly generate alternative IP(v4) address representati…☆85Updated last year
- CSPTPlayground is an open-source playground to find and exploit Client-Side Path Traversal (CSPT).☆80Updated last month
- A Pentest Collaboration and Reporting Tool☆50Updated this week
- The Most Advanced Client-Side Prototype Pollution Scanner☆133Updated this week
- A streamlined tool for discovering TLDs, associated domains, and related domain names.☆140Updated last week
- Dredging up secrets from the depths of the file system☆116Updated last week
- A Slack bot phishing framework for Red Teaming exercises☆156Updated 6 months ago
- ☆292Updated 3 months ago
- GitHub Attack Toolkit - Extreme Edition☆193Updated last week
- TInjA is a CLI tool for testing web pages for template injection vulnerabilities and supports 44 of the most relevant template engines fo…☆308Updated 6 months ago
- ☆193Updated 5 months ago
- Static code analyser for backdoors and malicious code in git repos using OpenAI compatible LLM APIs☆69Updated 8 months ago
- DockerSpy searches for images on Docker Hub and extracts sensitive information such as authentication secrets, private keys, and more.☆152Updated 3 months ago
- Leveraging GitHub Actions to rotate IP addresses during password spraying attacks to bypass IP-Based blocking☆111Updated 5 months ago
- 🌐 Visualize and explore IaC ✒️ Create and share notes in VS Code 🤝 Sync notes and findings in real-time with friends☆70Updated 9 months ago
- Misconfig Mapper is a fast tool to help you uncover security misconfigurations on popular third-party services used by your company and/o…☆388Updated this week
- Gourlex is a simple tool that can be used to extract URLs and paths from web pages.☆180Updated 7 months ago
- 🔍A cutting edge context aware GraphQL API fuzzing tool!☆125Updated this week
- ☆109Updated last year
- openrisk is a tool that generates a risk score based on the results of a Nuclei scan.☆165Updated 5 months ago