crashappsec / ocularLinks
software asset scanning orchestration system
☆33Updated last week
Alternatives and similar repositories for ocular
Users that are interested in ocular are comparing it to the libraries listed below
Sorting:
- A framework for understanding the capabilities of automated detection methods at identifying classes of application security vulnerabilit…☆32Updated last week
- A comprehensive framework for analyzing and defending against attacks targeting Software Development Life Cycle Infrastructure.☆97Updated last week
- Vulnerable by Design AWS Cloud Development Kit (CDK) Infrastructure☆48Updated 2 years ago
- 🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM.☆42Updated last year
- Scan your account for the use of untrusted AMIs☆31Updated 2 months ago
- truffleproc — hunt secrets in process memory (TruffleHog & gdb mashup)☆122Updated 2 years ago
- ☆55Updated 2 years ago
- An AWS IAM Privilege Escalation Path Library☆113Updated last week
- This terraform provider can be used to get remote code execution by injecting a dummy resource in a writeable state file.☆61Updated last year
- ☆31Updated last week
- Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.☆42Updated 2 years ago
- Data about all known supply-chain attacks through history☆63Updated 8 months ago
- ☆39Updated last year
- A comprehensive security scanner for Model Context Protocol (MCP) servers that detects vulnerabilities and security issues in your MCP se…☆121Updated last month
- ☆114Updated 2 years ago
- A tool for scanning public or private AMIs for sensitive files and secrets. The tool follows the research made on AWS CloudQuarry where w…☆113Updated last year
- Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts☆61Updated 2 years ago
- ## Auto-archived due to inactivity. ## Tooling to simulate runtime attacks and test default runtime detections from Datadog Cloud Securit…☆37Updated last year
- A security-first linter for code that shouldn't need linting☆17Updated 2 years ago
- Clean accounts over permissions in GCP infra at scale☆71Updated 2 years ago
- A VS Code/Cursor extension capable of performing realtime security monitoring from inside the IDE☆64Updated 2 weeks ago
- A GitHub Actions Supply Chain CTF / Goat☆27Updated last month
- This application was built to help reduce the amount of time it takes to review AWS Lambda code.☆61Updated last year
- ☆43Updated 5 months ago
- A project to visualize the software supply chain☆58Updated 2 years ago
- Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. …☆68Updated 7 months ago
- PEACH - a step-by-step framework for modeling and improving SaaS and PaaS tenant isolation, by managing the attack surface exposed by use…☆74Updated 3 years ago
- A simple script which implements different Cognito attacks such as Account Oracle or Priviledge Escalation☆109Updated last year
- ☆185Updated last week
- A web CTF for training developers in bug hunting and secure coding!☆100Updated last year