lunasec-io / damn-vulnerable-js-sca

Related projects: ⓘ

• omar2535 / GraphQLer
  🔍A dependency-aware GraphQL API fuzzing tool
  ☆120Updated this week
• iosifache / semgrep-rules-manager
  Manager of third-party sources of Semgrep rules 🗂
  ☆74Updated last month
• owasp-change / owasp-change.github.io
  An Open Letter to the OWASP Board
  ☆105Updated last year
• akabe1 / akabe1-semgrep-rules
  My collection of Semgrep rules for vulnerability detection on source code (swift, java)
  ☆30Updated 6 months ago
• codesoap / pfuzz
  a web fuzzer using the httpipe format
  ☆99Updated 5 months ago
• plerionhq / conditional-love
  An AWS metadata enumeration tool by Plerion
  ☆72Updated 7 months ago
• 62726164 / dns-exfil
  ☆61Updated this week
• lirlia / prel
  prel(iminary) is an application that temporarily assigns Google Cloud IAM Roles and includes an approval process.
  ☆30Updated this week
• RandoriDev / test-saml-idp
  ☆30Updated 3 years ago
• AppThreat / atom
  Atom is a novel intermediate representation for applications and a standalone tool that is powered by chen.
  ☆46Updated 2 weeks ago
• trufflesecurity / WhoAmISlack
  Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.
  ☆38Updated 9 months ago
• AdnaneKhan / ActionsCacheBlasting
  Proof-of-concept code for research into GitHub Actions Cache poisoning.
  ☆19Updated last month
• jthack / hero
  a hackbot proof-of-concept
  ☆33Updated 6 months ago
• SecureStackCo / visualizing-software-supply-chain
  A project to visualize the software supply chain
  ☆33Updated last year
• AdnaneKhan / ActionsTOCTOU
  Example repository for GitHub Actions Time of Check to Time of Use (TOCTOU vulnerabilities)
  ☆20Updated 2 months ago
• nullenc0de / ChromeAudit
  Nuclei plugins to audit Chrome extensions
  ☆64Updated 2 months ago
• hashicorp-forge / semgrep-rules
  HashiCorp-relevant rules for the Semgrep code analysis tool
  ☆37Updated 11 months ago
• doyensec / PESD-Exporter-Extension
  PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams
  ☆95Updated 7 months ago
• bullfrogsec / bullfrog
  Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows
  ☆76Updated this week
• salesforce / DazedAndConfused
  ☆43Updated this week
• tracebit-com / find-s3-account
  Sample code for finding AWS Account ID of an S3 bucket.
  ☆46Updated 6 months ago
• csdev / ezghsa
  EZGHSA is a command-line tool for summarizing and filtering vulnerability alerts on Github repositories.
  ☆35Updated 3 months ago
• protoflow-labs / protoflow
  Language-agnostic workflow builder. Modular code that goes from dev to prod in a minute with principled design decisions.
  ☆12Updated 6 months ago
• nccgroup / ccs
  ☆108Updated last year
• hex0punk / wally
  Function callpath mapping analysis tool for Go
  ☆27Updated last week
• referefref / modpot
  Modular web-application honeypot platform built using go and gin
  ☆52Updated 4 months ago
• ncc-erik-steringer / Aerides
  An implementation of infrastructure-as-code scanning using dynamic tooling.
  ☆56Updated 2 years ago
• forensant / pakiki-core
  Pākiki is an intercepting proxy designed to help penetration testers find security vulnerabilities in web or mobile applications. This re…
  ☆33Updated 2 months ago
• Deploying-Securely / GPT-Guard
  A lightweight library to sanitize data provided to AI tools
  ☆26Updated last year
• salesforce / lobster-pot
  Scans every git push to your Github organisations to find unwanted secrets.
  ☆88Updated last year