chris-anley / cq
CQ, a code security scanner
☆97Updated 4 months ago
Related projects: ⓘ
- ☆115Updated last year
- A GraphQL enumeration and extraction tool☆127Updated last year
- Manager of third-party sources of Semgrep rules 🗂☆74Updated last month
- This repo contains write ups of vulnerabilities I've found and exploits I've publicly developed.☆139Updated last year
- My collection of Semgrep rules for vulnerability detection on source code (swift, java)☆30Updated 6 months ago
- Command line fuzzer and bruteforcer 🌪 wfuzz for command☆85Updated 2 years ago
- Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝☆127Updated last year
- A collection of my Semgrep rules☆46Updated last year
- Trail of Bits Testing Handbook☆53Updated this week
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams☆95Updated 7 months ago
- ☆31Updated last year
- Find CVE PoCs on GitHub☆136Updated 11 months ago
- Proof-of-concept code for research into GitHub Actions Cache poisoning.☆19Updated last month
- Programmatically create hunting rules for deserialization exploitation with multiple keywords, gadget chains, object types, encodings, an…☆136Updated last year
- ☆75Updated 3 months ago
- boostsecurityio/lotp☆97Updated 5 months ago
- DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raider☆138Updated 3 years ago
- Search for vulnerabilities and exposures while filtering based on age, keywords, and other parameters.☆126Updated last year
- ☆81Updated 2 months ago
- Nuclei plugins to audit Chrome extensions☆64Updated 2 months ago
- An extension to use Semgrep inside Burp Suite.☆86Updated last year
- A curated list of argument injection vectors☆37Updated 3 weeks ago
- ☆104Updated last year
- ☆108Updated last year
- ☆173Updated 6 months ago
- A structure-aware HTTP fuzzing library☆200Updated 11 months ago
- Mindmaps allow to organize and understand information faster and better.☆2Updated 2 years ago
- A collection of utilities for building extensions using Burp's Montoya API☆46Updated 2 months ago
- Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive files☆193Updated 4 months ago
- ☆63Updated last year