cxai / Checkmarx-PowerTools

Related projects: ⓘ

• NotSoSecure / cloud-sec-wiki
  Jekyll Files for cloudsecwiki.com
  ☆49Updated 3 years ago
• irsl / jackson-rce-via-spel
  An example project that exploits the default typing issue in Jackson-databind via Spring application contexts and expressions
  ☆121Updated 6 years ago
• appsecco / defcon-26-workshop-attacking-and-auditing-docker-containers
  DEF CON 26 Workshop - Attacking & Auditing Docker Containers Using Open Source
  ☆106Updated 4 years ago
• 0ang3el / Unsafe-JAX-RS-Burp
  Burp Suite extension for JAX-RS
  ☆65Updated 7 years ago
• PortSwigger / taborator
  A Burp extension to show the Collaborator client in a tab
  ☆36Updated last year
• shubhamshubhankar / autoSource
  Automated SonarQube
  ☆73Updated 5 years ago
• PortSwigger / nginx-alias-traversal
  Burp extension to detect alias traversal via NGINX misconfiguration at scale.
  ☆50Updated 2 years ago
• augustd / burp-suite-error-message-checks
  Burp Suite extension to passively scan for applications revealing server error messages
  ☆64Updated 9 months ago
• CSPF-Founder / VulnerableSpring
  Vulnerable Java based Web Application
  ☆31Updated 5 years ago
• m3ssap0 / SpringBreakVulnerableApp
  WARNING: This is a vulnerable application to test the exploit for the Spring Break vulnerability (CVE-2017-8046). Run it at your own risk…
  ☆11Updated 5 years ago
• DefectDojo / defectdojo_api
  Python API library for DefectDojo
  ☆40Updated last year
• PortSwigger / freddy-deserialization-bug-finder
  ☆41Updated 4 years ago
• Contrast-Security-OSS / joogle
  A static analysis API for finding deserialization attack gadgets
  ☆37Updated last year
• lanmaster53 / cef
  Proof-of-concept CORS exploitation tool.
  ☆34Updated 5 years ago
• Morningstar / GoASQ
  General Open Architecture Security Questionnaire
  ☆30Updated last year
• NetsOSS / headless-burp
  Automate security tests using Burp Suite.
  ☆222Updated 3 months ago
• spoofzu / jvmxray
  Externalize Java application access to protected resources as log messages.
  ☆41Updated 4 months ago
• wuntee / BurpAuthzPlugin
  ☆75Updated 11 years ago
• Contrast-Security-OSS / vulnerable-spring-boot-application
  ☆13Updated 5 months ago
• ZephrFish / XSSPayloads
  Cross Site Scripting Payloads -- Variations
  ☆70Updated 6 years ago
• OWASP / www-project-dependency-check
  OWASP Foundation Web Respository
  ☆13Updated 2 months ago
• siberas / sjet
  siberas JMX exploitation toolkit
  ☆127Updated last year
• pinnace / burp-jwt-fuzzhelper-extension
  JWT Fuzzer for BurpSuite. Adds an Intruder hook for on-the-fly JWT fuzzing.
  ☆98Updated 5 years ago
• parsiya / eslinter
  Manual JavaScript Linting is a Bug
  ☆49Updated 3 years ago
• augustd / burp-suite-software-version-checks
  Burp extension to passively scan for applications revealing software version numbers
  ☆30Updated 3 months ago
• OWASP / www-project-cloud-native-application-security-top-10
  OWASP Foundation Web Respository
  ☆33Updated 2 weeks ago
• elespike / burp-cph
  Custom Parameter Handler extension for Burp Suite.
  ☆43Updated 3 years ago
• BSidesSF / ctf-2019-release
  BSidesSF CTF 2019 release
  ☆72Updated last year
• modzero / interestingFileScanner
  Burp extension
  ☆57Updated 6 years ago
• LinkedInAttic / sometime
  A BurpSuite plugin to detect Same Origin Method Execution vulnerabilities
  ☆60Updated 7 years ago