jtmelton / semgrep-idea-plugin

Related projects ⓘ

Alternatives and complementary repositories for semgrep-idea-plugin

• ropnop / pentest_charts
  Some helpful Helm Charts for pentesters
  ☆38Updated 5 years ago
• xfhg / intercept
  INTERCEPT / Policy as Code Auditing & Compliance
  ☆82Updated last month
• spoofzu / jvmxray
  Externalize Java application access to protected resources as log messages.
  ☆41Updated 6 months ago
• zaproxy / crawljax
  Crawljax: Crawling JavaScript-based Ajax Web Applications
  ☆21Updated 11 months ago
• vmnguyen / semgrep-rules
  My custom semgrep rules
  ☆18Updated 4 years ago
• knqyf263 / CVE-2020-10749
  CVE-2020-10749 PoC (Kubernetes MitM attacks via IPv6 rogue router advertisements)
  ☆25Updated 4 years ago
• knqyf263 / remic
  Vulnerability Scanner for Detecting Publicly Disclosed Vulnerabilities in Application Dependencies
  ☆23Updated 5 years ago
• jtmelton / camas
  A zero-dependency tool for finding secrets in directories
  ☆10Updated 3 years ago
• Bearer / bearer-rules
  Rules for Bearer SAST
  ☆24Updated last week
• darryk10 / CVE-2021-25735
  Exploit CVE-2021-25735: Kubernetes Validating Admission Webhook Bypass
  ☆18Updated 3 years ago
• stacscan / stacs
  Static Token And Credential Scanner
  ☆95Updated last year
• secdec / astam-correlator
  Vulnerability consolidation and management tool, enhances scan results by merging different findings of the same weakness across multiple…
  ☆24Updated last year
• Morningstar / GoASQ
  General Open Architecture Security Questionnaire
  ☆31Updated last year
• makash / linux-container-security-docs
  A gitbook for doing a null Bangalore session on linux container security to discuss and teach namespaces, cgroups etc.
  ☆20Updated 7 years ago
• GitHubSecurityLab / gh-mrva
  Run CodeQL queries at scale using Multi-Repository Variant Analysis (MRVA)
  ☆49Updated 7 months ago
• PortSwigger / elastic-burp
  The Web Audit Search Engine - Index and Search HTTP Requests and Responses in Web Application Audits with ElasticSearch
  ☆23Updated 6 years ago
• intruder-io / param-miner
  Fork of https://github.com/PortSwigger/param-miner for header smuggling research
  ☆12Updated 3 years ago
• PortSwigger / headless-burp
  Provides a suite of Burp extensions and a maven plugin to automate security tests using BurpSuite.
  ☆25Updated 6 years ago
• nscuro / fdnssearch
  Swiftly search FDNS datasets from Rapid7 Open Data
  ☆21Updated 2 years ago
• bgeesaman / subpath-exploit
  Writeup of CVE-2017-1002101 with sample "exploit"/escape
  ☆35Updated 6 years ago
• PaperMtn / github-watchman
  Monitoring GitHub for sensitive data shared publicly
  ☆66Updated 2 years ago
• apiiro / combobulator
  Dependency Combobulator
  ☆89Updated 10 months ago
• thought-machine / dracon
  Security scanning & static analysis tool
  ☆93Updated last month
• tabbysable / POC-2020-8559
  Proof of Concept exploit for Kubernetes CVE-2020-8559
  ☆20Updated 4 years ago
• lanmaster53 / cef
  Proof-of-concept CORS exploitation tool.
  ☆34Updated 5 years ago
• pry0cc / jf
  A wrapper around jq, to help you parse jq output!
  ☆30Updated 4 years ago
• KrustyHack / docker-privilege-escalation
  A docker example for privilege escalation
  ☆25Updated 7 years ago
• AdnaneKhan / ActionsTOCTOU
  Example repository for GitHub Actions Time of Check to Time of Use (TOCTOU vulnerabilities)
  ☆22Updated 4 months ago
• nccgroup / insject
  insject is a tool for poking at containers. It enables you to run an arbitrary command in a container or any mix of Linux namespaces.
  ☆49Updated 2 years ago
• gagliardetto / codebox
  Generate CodeQL taint-tracking models for Go (along with tests) in a graphical UI
  ☆20Updated last year