cve-search / git-vuln-finder
Finding potential software vulnerabilities from git commit messages
☆411Updated last year
Alternatives and similar repositories for git-vuln-finder:
Users that are interested in git-vuln-finder are comparing it to the libraries listed below
- Grammar-based HTTP/1 fuzzer with mutation ability☆250Updated 5 months ago
- A tool to hunt for credentials in github wild AKA git*hunt☆294Updated 2 years ago
- ☆189Updated 5 months ago
- Tool to check for dependency confusion vulnerabilities in multiple package management systems☆718Updated 8 months ago
- secretz, minimizing the large attack surface of Travis CI☆326Updated 2 years ago
- Tool for catching and logging different types of requests.☆220Updated 4 years ago
- Corsair_scan is a security tool to test Cross-Origin Resource Sharing (CORS).☆122Updated 2 years ago
- DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raider☆139Updated 3 years ago
- qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.☆301Updated 2 years ago
- Awesome information for WebSockets security research☆267Updated 3 years ago
- vulnerable OAuth 2.0 applications: understand the security implications of your OAuth 2.0 decisions.☆316Updated last year
- HTTP Request Smuggling over HTTP/2 Cleartext (h2c)☆715Updated 2 years ago
- Companion labs to "An Exploration of JSON Interoperability Vulnerabilities"☆203Updated 2 years ago
- A simple SSRF-testing sheriff written in Go☆326Updated 5 months ago
- NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.☆378Updated 3 years ago
- Methodology for high-quality web application security testing - https://github.com/tprynn/web-methodology/wiki☆204Updated 5 months ago
- Automatic tool for DNS rebinding-based SSRF attacks☆298Updated 4 years ago
- DNS rebinding toolkit☆252Updated last year
- A tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.☆559Updated 2 years ago
- Automated security reporting from markdown templates (HackerOne and Bugcrowd are currently the platforms supported)☆452Updated 5 years ago
- materials we hand out☆142Updated 3 weeks ago
- vulnerable single sign on☆147Updated 8 months ago
- Uncover forgotten secrets and bring them back to life, haunting security and operations teams.☆207Updated last year
- A guided mutation-based fuzzer for ML-based Web Application Firewalls☆185Updated last year
- Find cloud assets that no one wants exposed 🔎 ☁️☆341Updated 4 years ago
- Ugly Duckling is a lightweight scanner built specifically for our Crowdsource community to submit proof-of-concept modules☆189Updated 3 years ago
- Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"☆352Updated 4 years ago
- Benchmarking repo for secrets scanning☆231Updated 8 months ago
- The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas…☆142Updated last year
- A bash script that automates the exfiltration of data over dns in case we have blind command execution on a server with egress filtering☆210Updated 4 years ago