csdev / ezghsa
EZGHSA is a command-line tool for summarizing and filtering vulnerability alerts on Github repositories.
☆35Updated 3 months ago
Related projects: ⓘ
- HashiCorp-relevant rules for the Semgrep code analysis tool☆37Updated 11 months ago
- Tool for obfuscating and deobfuscating data.☆60Updated 5 months ago
- Static code analyser for backdoors and malicious code in git repos using OpenAI compatible LLM APIs☆68Updated 6 months ago
- Modular web-application honeypot platform built using go and gin☆52Updated 4 months ago
- Independently deploy customized honeyservices in AWS to trigger alerts on unauthorized access. It utilizes a dedicated CloudTrail for pre…☆42Updated 4 months ago
- YouShallNotPass brings an added level of execution security to mission-critical CI/CD Systems.☆36Updated 8 months ago
- This tool analyzes a given Gitlab repository and searches for dangling or force-pushed commits containing potential secret or interesting…☆38Updated last month
- Nuclei plugins to audit Chrome extensions☆64Updated 2 months ago
- prel(iminary) is an application that temporarily assigns Google Cloud IAM Roles and includes an approval process.☆30Updated this week
- a hackbot proof-of-concept☆33Updated 6 months ago
- Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows☆76Updated this week
- Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts☆56Updated last year
- Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.☆38Updated 9 months ago
- Stalker, the Extensible Attack Surface Management tool.☆75Updated this week
- An implementation of infrastructure-as-code scanning using dynamic tooling.☆56Updated 2 years ago
- 🌐 Visualize and explore IaC ✒️ Create and share notes in VS Code 🤝 Sync notes and findings in real-time with friends☆68Updated 7 months ago
- Clean accounts over permissions in GCP infra at scale☆70Updated last year
- Security scanning & static analysis tool - forked and rewritten from @thought-machine/dracon☆70Updated this week
- Build a CVE library with aggregated CISA, EPSS and CVSS data☆27Updated 11 months ago
- ☆45Updated last year
- Protect against subdomain takeover☆92Updated 3 months ago
- ☆37Updated 3 weeks ago
- Simple Workspace Attack Tool (SWAT) is a tool for simulating malicious behavior against Google Workspace in reference to the MITRE ATT&CK…☆159Updated last month
- Vulnerable by Design AWS Cloud Development Kit (CDK) Infrastructure☆42Updated 8 months ago
- boostsecurityio/lotp☆97Updated 5 months ago
- ☆60Updated 6 months ago
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.☆56Updated 6 months ago
- ☆30Updated this week
- An LLM and OCR based Indicator of Compromise Extraction Tool☆28Updated 5 months ago
- Crawlector is a threat hunting framework designed for scanning websites for malicious objects.☆125Updated 9 months ago