duo-labs / secret-bridge
Monitors Github for leaked secrets
☆189Updated 2 weeks ago
Related projects ⓘ
Alternatives and complementary repositories for secret-bridge
- A simple file-based scanner to look for potential AWS access and secret keys in files☆89Updated 7 months ago
- Google Cloud Platform Security Tool☆232Updated 5 years ago
- A tool for identifying misconfigured CloudFront domains☆345Updated 4 years ago
- This is an offensive guide to securing AWS infrastructures. The hope is that by knowing how to take advantage of various types of AWS wea…☆168Updated 5 years ago
- Yar is a tool for plunderin' organizations, users and/or repositories.☆231Updated 3 years ago
- OWASP Cloud Security - Enabling conversations through threat and control stories☆177Updated 5 years ago
- Tools for fingerprinting and exploiting Amazon cloud infrastructures☆445Updated last year
- ☆61Updated last year
- A tool for automatically gathering sensitive information from exposed Jenkins servers☆103Updated last year
- barq: The AWS Cloud Post Exploitation framework!☆386Updated last year
- Search exposed EBS volumes for secrets☆285Updated last year
- IAMFinder enumerates and finds users and IAM roles in a target AWS account.☆109Updated 3 years ago
- Find cloud assets that no one wants exposed 🔎 ☁️☆332Updated 4 years ago
- Route53/CloudFront Vulnerability Assessment Utility☆84Updated last year
- Scans Slack for API tokens, credentials, passwords, and more using YARA rules☆38Updated 3 years ago
- A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestrat…☆274Updated 2 weeks ago
- for AWS Security material☆245Updated 2 years ago
- 'Continuous' AWS perimeter monitoring: Periodically scan internet facing AWS resources to detect misconfigured services.☆62Updated 5 years ago
- Presentations, training modules, and other education materials from Duo Security's Application Security team.☆71Updated 3 years ago
- drHEADer helps with the audit of security headers received in response to a single request or a list of requests.☆105Updated 2 weeks ago
- These are the regexes that power truffleHog☆211Updated last year
- Methodology for high-quality web application security testing - https://github.com/tprynn/web-methodology/wiki☆203Updated last week
- Cloud-related research releases from the Rhino Security Labs team.☆355Updated 4 years ago
- A step-by-step walkthrough of CloudGoat 2.0 scenarios.☆133Updated 4 years ago
- Monitor the internet attack surface of various public cloud environments. Currently supports AWS, GCP, Azure, DigitalOcean and Oracle Clo…☆120Updated 7 months ago
- A simple web app that helps developers understand the ASVS requirements.☆154Updated 8 months ago
- Red Team Scripts for AWS.☆166Updated 4 years ago
- A community contributed consolidated list of InfoSec meetups in the Asia Pacific region.☆158Updated this week
- The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters☆61Updated last year