google / security-testbeds
☆38Updated 2 months ago
Alternatives and similar repositories for security-testbeds:
Users that are interested in security-testbeds are comparing it to the libraries listed below
- Plusfish is a classic web application vulnerability scanner/fuzzer and aimed at security professionals☆28Updated 2 years ago
- Proof of Concepts for unsafe deserialization in Ruby☆17Updated 6 months ago
- ☆10Updated 4 months ago
- Manager of third-party sources of Semgrep rules 🗂☆81Updated 9 months ago
- using ML models for red teaming☆43Updated last year
- A web server designed to shut off on command to exploit DNS rebinding in Chromium-based browsers☆12Updated last year
- Fork of https://github.com/PortSwigger/param-miner for header smuggling research☆12Updated 3 years ago
- Proof-of-concept code for research into GitHub Actions Cache poisoning.☆22Updated last month
- Exploit CVE-2021-25735: Kubernetes Validating Admission Webhook Bypass☆18Updated 4 years ago
- Example repository for GitHub Actions Time of Check to Time of Use (TOCTOU vulnerabilities)☆23Updated 9 months ago
- A collection of my Semgrep rules☆49Updated last year
- Public repository for Red Canary Research☆37Updated 4 years ago
- Unsafe Unpacking Vulnerability: Lab Code, Semgrep Rules and Secure Implementation Guide☆40Updated 4 months ago
- Argument Injection in Dragonfly Ruby Gem☆16Updated 3 years ago
- Adds extensibility to Burp by using a list of payloads to pattern match on HTTP responses highlighting interesting and potentially vulner…☆15Updated last year
- Simple trick to increase readability of exceptions raised by Burp extensions written in Python☆43Updated 8 years ago
- Run CodeQL queries at scale using Multi-Repository Variant Analysis (MRVA)☆58Updated last week
- ☆32Updated 2 years ago
- Static Token And Credential Scanner☆96Updated last year
- CVE.ICU code.☆41Updated this week
- Manticore's Public Threats Repository☆10Updated 4 years ago
- A Python-based tool to create zip, tar and cpio archives to exploit common archive library issues and developer mistakes☆43Updated last year
- ☆34Updated 2 years ago
- *Unofficial* lgtm.com CLI — Use at your own risk. Also don't add more than 3K projects to "My projects" list.☆13Updated 3 years ago
- ☆43Updated last year
- An extension to use Semgrep inside Burp Suite.☆88Updated last year
- 2022 CTF public release☆23Updated 2 years ago
- Reference architecture and proof of concept implementation for supply chain security gateway☆23Updated 2 years ago
- DEF CON 26 Workshop - Attacking & Auditing Docker Containers Using Open Source☆108Updated 5 years ago
- IOCs from Google's Threat Analysis Group (TAG)☆29Updated 4 months ago