contrastsecurity / contrastLinks
CodeSec by Contrast - The fastest and most accurate SAST scanner. Scan code and serverless environments
☆19Updated last year
Alternatives and similar repositories for contrast
Users that are interested in contrast are comparing it to the libraries listed below
Sorting:
- Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts☆61Updated 2 years ago
- OWASP Foundation Web Respository☆44Updated this week
- InfoSec OpenAI Examples☆19Updated last year
- A tool for scanning public or private AMIs for sensitive files and secrets. The tool follows the research made on AWS CloudQuarry where w…☆108Updated 6 months ago
- A project to visualize the software supply chain☆52Updated last year
- Ansible/Vagrant/Packer files to create a virtual machine with the tooling needed to perform cloud security assessments☆141Updated 5 months ago
- Vulnerable by Design AWS Cloud Development Kit (CDK) Infrastructure☆47Updated last year
- WAF bypass PoC☆48Updated last year
- ☆47Updated 11 months ago
- TrailAlerts is a AWS-native, serverless cloud-detection tool that lets you define simple rules as code and get rich alerts about events i…☆43Updated last month
- An AWS metadata enumeration tool by Plerion☆97Updated last year
- Focused malicious code detection ruleset, with a high protection-to-noise ratio☆120Updated 3 months ago
- ☆36Updated 10 months ago
- A simple script which implements different Cognito attacks such as Account Oracle or Priviledge Escalation☆104Updated last year
- Semgrep-based Policy Controller for Kubernetes☆47Updated 2 months ago
- Demonstrates how a malicious dependency could negatively impact the build output.☆24Updated last year
- ☆56Updated 2 years ago
- Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.☆41Updated last year
- A tool for preventing the installation of malicious PyPI and npm packages☆145Updated this week
- This terraform provider can be used to get remote code execution by injecting a dummy resource in a writeable state file.☆55Updated 4 months ago
- FrogPost: postMessage Security Testing Tool☆80Updated 3 weeks ago
- ☆183Updated last month
- boostsecurityio/lotp☆126Updated last month
- Test & Compare different Kubernetes security offerings on EKS, GKE and AKS☆39Updated 9 months ago
- This repository provides a comprehensive collection of Pulumi scenarios utilized by cnappgoat☆21Updated 4 months ago
- A small tool to help developers understand a huge set of security requirements from appsec teams☆45Updated 2 years ago
- 🌐 Visualize and explore IaC ✒️ Create and share notes in VS Code 🤝 Sync notes and findings in real-time with friends☆73Updated last year
- A GitHub Actions Supply Chain CTF / Goat☆20Updated this week
- LLM Testing Findings Templates☆72Updated last year
- Determine privileges from cloud credentials via brute-force testing.☆69Updated 9 months ago