elttam / semgrep-rules
☆182Updated 4 months ago
Alternatives and similar repositories for semgrep-rules:
Users that are interested in semgrep-rules are comparing it to the libraries listed below
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams☆101Updated last month
- Manager of third-party sources of Semgrep rules 🗂☆79Updated 7 months ago
- Find authentication (authn) and authorization (authz) security bugs in web application routes.☆257Updated 8 months ago
- Burp Suite Extension useful to verify OAUTHv2 and OpenID security☆171Updated 4 months ago
- An extension to use Semgrep inside Burp Suite.☆88Updated last year
- A collection of my Semgrep rules☆48Updated last year
- Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝☆132Updated this week
- FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application a…☆156Updated 4 months ago
- Find CVE PoCs on GitHub☆144Updated last year
- Grammar-based HTTP/1 fuzzer with mutation ability☆247Updated 4 months ago
- ☆400Updated 3 years ago
- Burp Suite extension that offers a toolkit for testing GraphQL endpoints.☆191Updated 7 months ago
- The Burp extension to check JWT (JSON Web Tokens) for using keys from known from public sources☆128Updated 4 years ago
- A Burp Suite Extension for parsing Project Files from the CLI.☆87Updated 5 months ago
- ☆147Updated 3 years ago
- AuthMatrix is a Burp Suite extension that provides a simple way to test authorization in web applications and web services.☆39Updated last year
- A python script to merge multiple jar files for easier debugging via JD-Eclipse☆60Updated 2 years ago
- A GraphQL enumeration and extraction tool☆130Updated 2 years ago
- GitHub Attack Toolkit - Extreme Edition - A static analysis and exploit toolkit for GitHub Actions.☆251Updated this week
- ☆110Updated last year
- Proof of concept code for Datadog Security Labs referenced exploits.☆425Updated last year
- Black box fuzzer for web applications☆423Updated 8 months ago
- A projectdiscovery driven attack surface monitoring bot powered by axiom☆181Updated 2 years ago
- Awesome information for WebSockets security research☆260Updated 3 years ago
- Mapping from bug bounty and vulnerability disclosure programs to respective GitHub organizations☆55Updated this week
- DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raider☆138Updated 3 years ago
- Unsecure time-based secret exploitation and Sandwich attack implementation Resources☆133Updated 3 months ago
- MetaSec.js combines all the free open-source security tools to identify issues with JavaScript and automates the boring parts☆80Updated 2 years ago
- Link sources to sinks in C# applications.☆143Updated last year
- Workshop given at Hack in Paris 2019☆121Updated last year