nccgroup/ccs

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/nccgroup/ccs)

nccgroup / ccs

☆114

Alternatives and similar repositories for ccs

Users that are interested in ccs are comparing it to the libraries listed below

Sorting:

nccgroup / cowcloud
View on GitHub
☆60May 25, 2023Updated 2 years ago
Rezonate-io / github-oidc-checker
View on GitHub
Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts
☆61May 15, 2023Updated 2 years ago
BishopFox / burpcage
View on GitHub
☆10May 25, 2023Updated 2 years ago
hashicorp-forge / semgrep-rules
View on GitHub
HashiCorp-relevant rules for the Semgrep code analysis tool
☆41Oct 3, 2023Updated 2 years ago
google / localtoast
View on GitHub
☆117Feb 11, 2026Updated last month
chris-anley / cq
View on GitHub
CQ, a code security scanner
☆99Feb 23, 2026Updated last month
RichardoC / gitlab-secrets
View on GitHub
This tool analyzes a given Gitlab repository and searches for dangling or force-pushed commits containing potential secret or interesting…
☆47Aug 16, 2024Updated last year
cado-security / cloudgrep
View on GitHub
cloudgrep is grep for cloud storage
☆326Mar 14, 2026Updated last week
AndreySokolov247 / XSS-AGENT
View on GitHub
Autonomous AI C2
☆33Jul 23, 2024Updated last year
nccgroup / cq
View on GitHub
☆116Jun 8, 2023Updated 2 years ago
r3volved / CVEAggregate
View on GitHub
Build a CVE library with aggregated CISA, EPSS and CVSS data
☆29Sep 27, 2023Updated 2 years ago
felickz / secret-scanning-review-action
View on GitHub
Action to detect if a secret is initially detected in a PR commit
☆11Jun 19, 2023Updated 2 years ago
gand3lf / semgrepper
View on GitHub
An extension to use Semgrep inside Burp Suite.
☆88May 23, 2025Updated 10 months ago
tldrsec / awesome-secure-defaults
View on GitHub
Awesome secure by default libraries to help you eliminate bug classes!
☆701Dec 6, 2025Updated 3 months ago
dsecuredcom / yataf
View on GitHub
yataf extracts secrets and paths from files or urls - its best used against javascript files
☆52Sep 11, 2024Updated last year
RITRedteam / StreetCred
View on GitHub
Tool created for Red Team to test default credentials on SSH and WinRM and then execute scripts with those credentials before the passwor…
☆41May 7, 2023Updated 2 years ago
synopsys-sig / ATOR-Burp
View on GitHub
☆88Apr 24, 2024Updated last year
mbaluda-org / security_team
View on GitHub
☆10Oct 16, 2025Updated 5 months ago
d0ge / sign-saboteur
View on GitHub
SignSaboteur is a Burp Suite extension for editing, signing, verifying various signed web tokens
☆164Nov 29, 2024Updated last year
RefactorSecurity / vscode-security-notes
View on GitHub
Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝
☆142Feb 26, 2026Updated 3 weeks ago
trufflesecurity / WhoAmISlack
View on GitHub
Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.
☆41Dec 12, 2023Updated 2 years ago
jhaddix / awsScrape
View on GitHub
A tool to scrape the AWS ranges looking for a keyword in SSL certificate data.
☆238Jan 10, 2024Updated 2 years ago
stephenbradshaw / aws_url_signer
View on GitHub
POC tool to create signed AWS API GET requests to bypass Guard Duty alerting of off-instance credential use via SSRF
☆59Sep 20, 2023Updated 2 years ago
nccgroup / RFC-Security-Research
View on GitHub
Paper, data and code from Investigating Potential Security Vulnerability Manifestation through Various Analyses & Inferences Regarding In…
☆19Jan 28, 2021Updated 5 years ago
advanced-security / set-codeql-language-matrix
View on GitHub
Automatically set the CodeQL matrix job using the languages in your repository.
☆18Jan 8, 2026Updated 2 months ago
devops-kung-fu / lucha
View on GitHub
A CLI that scans for sensitive data in source code
☆14Mar 22, 2023Updated 3 years ago
bullfrogsec / bullfrog
View on GitHub
Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows
☆119Mar 15, 2026Updated last week
mschwager / route-detect
View on GitHub
Find authentication (authn) and authorization (authz) security bugs in web application routes.
☆281Sep 11, 2025Updated 6 months ago
pry0cc / jf
View on GitHub
A wrapper around jq, to help you parse jq output!
☆30Aug 23, 2020Updated 5 years ago
ReversecLabs / IceKube
View on GitHub
☆187Mar 2, 2026Updated 2 weeks ago
mllamazares / STRIDE-vs-ASVS
View on GitHub
🖇️ equivalence table between OWASP ASVS standard and STRIDE threat modeling methodology.
☆76Aug 22, 2024Updated last year
gotr00t0day / Gsec
View on GitHub
Web Security Scanner
☆383Nov 13, 2025Updated 4 months ago
avolens / kubefuzz
View on GitHub
Generative and mutative fuzzer for Kubernetes admission controller chains by automatically parsing the cluster api specification.
☆75Sep 12, 2023Updated 2 years ago
cosad3s / postleaks
View on GitHub
Search for sensitive data in Postman public library.
☆212Aug 28, 2025Updated 6 months ago
semgr8ns / semgr8s
View on GitHub
Semgrep-based Policy Controller for Kubernetes
☆47Apr 4, 2025Updated 11 months ago
pwnpanda / ParamCleaner
View on GitHub
Removes duplicate entries from a file, resulting in only unique parameter combinations. Useful for parsing waybackurls and making recon m…
☆11May 31, 2020Updated 5 years ago
abbbi / ssenv
View on GitHub
Exit if environment variables known to be used as access tokens are set.
☆15May 30, 2022Updated 3 years ago
3CORESec / Automata
View on GitHub
Automatic detection engineering technical state compliance
☆55Jul 7, 2024Updated last year
dub-flow / sessionprobe
View on GitHub
SessionProbe is a multi-threaded tool designed for penetration testing and bug bounty hunting. It evaluates user privileges in web applic…
☆463Mar 28, 2024Updated last year