finos / CatchIT
Source code secret scanner
☆54Updated last year
Related projects ⓘ
Alternatives and complementary repositories for CatchIT
- The Open Security Summit is focused on the collaboration between, Developers and Application Security☆45Updated this week
- PEACH - a step-by-step framework for modeling and improving SaaS and PaaS tenant isolation, by managing the attack surface exposed by use…☆65Updated last year
- InfoSec OpenAI Examples☆19Updated 11 months ago
- Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. …☆55Updated 4 months ago
- OWASP Foundation Web Respository☆10Updated last year
- Vulnerable by Design AWS Cloud Development Kit (CDK) Infrastructure☆46Updated 10 months ago
- ☆37Updated 7 months ago
- OWASP Foundation Web Respository☆54Updated last year
- Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts☆57Updated last year
- openrisk is a tool that generates a risk score based on the results of a Nuclei scan.☆166Updated 6 months ago
- Clean accounts over permissions in GCP infra at scale☆71Updated last year
- GitHub action to run Threagile, the agile threat modeling toolkit, on a repo's threagile.yaml file☆13Updated 6 months ago
- The Secure Coding Framework☆20Updated 4 years ago
- A meta-database collecting resources that compile lists of breaches☆18Updated 2 weeks ago
- A simple script that generates an Excel friendly CSV file from an Amass JSON file.☆13Updated 2 years ago
- This repository provides a comprehensive collection of Pulumi scenarios utilized by cnappgoat☆18Updated last month
- OWASP Foundation Web Respository☆19Updated last month
- WAF bypass PoC☆43Updated last year
- A tool for scanning public or private AMIs for sensitive files and secrets. The tool follows the research made on AWS CloudQuarry where w…☆89Updated last week
- Protect against subdomain takeover☆92Updated 5 months ago
- Dragon-GPT uses Chat-GPT, or local LLM, to execute automatic and AI-powered threat modeling analysis on a given OWASP Threat Dragon diagr…☆31Updated last year
- OWASP Foundation Web Respository☆27Updated last year
- Semgrep rules corresponding to the OWASP ASVS standard☆27Updated 4 years ago
- Grafana Labs bug bounty☆29Updated last month
- A walkthrough of security controls for a serverless architecture via a demo application☆11Updated 2 years ago
- Automated process to build and distribute Posture & Exposure Reports' bi-weekly to customers.☆17Updated 9 months ago
- ☆12Updated 3 years ago
- MetaHub is an automated contextual security findings enrichment and impact evaluation tool for vulnerability management.☆156Updated this week
- HashiCorp-relevant rules for the Semgrep code analysis tool☆37Updated last year
- The OWASP Vulnerable Web Applications Directory Project (VWAD) is a comprehensive and well maintained registry of all known vulnerable we…☆21Updated 3 weeks ago