cxai / Checkmarx-PowerTools
A collection of various scripts and automations to simplify Checkmarx SAST and IAST setup and use
☆14Updated 6 years ago
Alternatives and similar repositories for Checkmarx-PowerTools:
Users that are interested in Checkmarx-PowerTools are comparing it to the libraries listed below
- Jekyll Files for cloudsecwiki.com☆50Updated 3 years ago
- DEF CON 26 Workshop - Attacking & Auditing Docker Containers Using Open Source☆108Updated 5 years ago
- Burp Suite extension to passively scan for applications revealing server error messages☆66Updated last year
- An example project that exploits the default typing issue in Jackson-databind via Spring application contexts and expressions☆122Updated 7 years ago
- Vulnerable Java based Web Application☆31Updated 5 years ago
- Manual JavaScript Linting is a Bug☆49Updated 4 years ago
- A Burp extension to show the Collaborator client in a tab☆36Updated 2 years ago
- Automated SonarQube☆73Updated 5 years ago
- Scans tcl for command injection☆36Updated 5 years ago
- Proof-of-concept CORS exploitation tool.☆35Updated 5 years ago
- Exports vulnerability scan data from the Checkmarx SAST platform for use in analytical tools.☆19Updated 5 months ago
- Repository for all the workshop content delivered at nullcon X on 1st of March 2019☆81Updated 6 years ago
- ☆42Updated 5 years ago
- Python API library for DefectDojo☆41Updated 2 years ago
- Provides a suite of Burp extensions and a maven plugin to automate security tests using BurpSuite.☆25Updated 6 years ago
- Network/WebApplication Information Gathering, Enumeration and Vulnerability Scanning (Under Development)☆17Updated 6 years ago
- Useful tools and Examples made by Checkmarx Professional Services☆38Updated last week
- Cross Site Scripting Payloads -- Variations☆71Updated 6 years ago
- Another plugin for CRLF vulnerability detection☆26Updated 8 years ago
- A Burp plugin to export findings to DefectDojo☆30Updated last year
- Automate security tests using Burp Suite.☆226Updated 10 months ago
- AppSecPipeline Specification for DevOps automation.☆40Updated 2 years ago
- Executes commands in a container on a kubelet endpoint that allows anonymous authentication (default)☆112Updated 6 years ago
- Extension providing view with filtering capabilities for both complete and incomplete requests from all burp tools.☆48Updated 4 years ago
- WARNING: This is a vulnerable application to test the exploit for the Spring Break vulnerability (CVE-2017-8046). Run it at your own risk…☆13Updated 6 years ago
- CORS checking☆34Updated 6 years ago
- ☆20Updated 6 years ago
- Run CodeQL queries at scale using Multi-Repository Variant Analysis (MRVA)☆58Updated this week
- Burp extension to help developers replicate findings from pen tests☆70Updated 9 months ago
- JWT Fuzzer for BurpSuite. Adds an Intruder hook for on-the-fly JWT fuzzing.☆99Updated 5 years ago