nccgroup/ccs

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/nccgroup/ccs)

nccgroup / ccs

☆114

Alternatives and similar repositories for ccs

Users that are interested in ccs are comparing it to the libraries listed below

Sorting:

nccgroup / cowcloud
View on GitHub
☆60May 25, 2023Updated 2 years ago
Rezonate-io / github-oidc-checker
View on GitHub
Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts
☆61May 15, 2023Updated 2 years ago
RichardoC / gitlab-secrets
View on GitHub
This tool analyzes a given Gitlab repository and searches for dangling or force-pushed commits containing potential secret or interesting…
☆47Aug 16, 2024Updated last year
RITRedteam / StreetCred
View on GitHub
Tool created for Red Team to test default credentials on SSH and WinRM and then execute scripts with those credentials before the passwor…
☆40May 7, 2023Updated 2 years ago
BishopFox / burpcage
View on GitHub
☆10May 25, 2023Updated 2 years ago
alice-dot-io / caterpillar
View on GitHub
Caterpillar is a security scanning library for AI agent skill files (e.g., Claude Code skills) for dangerous or malicious behavior
☆32Feb 16, 2026Updated 2 weeks ago
google / localtoast
View on GitHub
☆117Feb 11, 2026Updated 2 weeks ago
hashicorp-forge / semgrep-rules
View on GitHub
HashiCorp-relevant rules for the Semgrep code analysis tool
☆41Oct 3, 2023Updated 2 years ago
r3volved / CVEAggregate
View on GitHub
Build a CVE library with aggregated CISA, EPSS and CVSS data
☆29Sep 27, 2023Updated 2 years ago
cado-security / cloudgrep
View on GitHub
cloudgrep is grep for cloud storage
☆326Feb 26, 2025Updated last year
abbbi / ssenv
View on GitHub
Exit if environment variables known to be used as access tokens are set.
☆15May 30, 2022Updated 3 years ago
RefactorSecurity / vscode-security-notes
View on GitHub
Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝
☆142Updated this week
trufflesecurity / WhoAmISlack
View on GitHub
Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.
☆41Dec 12, 2023Updated 2 years ago
nccgroup / cq
View on GitHub
☆116Jun 8, 2023Updated 2 years ago
jhaddix / awsScrape
View on GitHub
A tool to scrape the AWS ranges looking for a keyword in SSL certificate data.
☆239Jan 10, 2024Updated 2 years ago
gand3lf / semgrepper
View on GitHub
An extension to use Semgrep inside Burp Suite.
☆88May 23, 2025Updated 9 months ago
synopsys-sig / ATOR-Burp
View on GitHub
☆88Apr 24, 2024Updated last year
stephenbradshaw / aws_url_signer
View on GitHub
POC tool to create signed AWS API GET requests to bypass Guard Duty alerting of off-instance credential use via SSRF
☆59Sep 20, 2023Updated 2 years ago
gotr00t0day / Gsec
View on GitHub
Web Security Scanner
☆382Nov 13, 2025Updated 3 months ago
twilio-labs / gordon
View on GitHub
Gordon is status check Github app to enforce and validate about.yaml file specifications in a repository during pull requests to drive co…
☆20Feb 4, 2025Updated last year
dsecuredcom / yataf
View on GitHub
yataf extracts secrets and paths from files or urls - its best used against javascript files
☆52Sep 11, 2024Updated last year
pry0cc / jf
View on GitHub
A wrapper around jq, to help you parse jq output!
☆30Aug 23, 2020Updated 5 years ago
AndreySokolov247 / XSS-AGENT
View on GitHub
Autonomous AI C2
☆33Jul 23, 2024Updated last year
d0ge / sign-saboteur
View on GitHub
SignSaboteur is a Burp Suite extension for editing, signing, verifying various signed web tokens
☆164Nov 29, 2024Updated last year
tldrsec / awesome-secure-defaults
View on GitHub
Awesome secure by default libraries to help you eliminate bug classes!
☆700Dec 6, 2025Updated 2 months ago
adeptex / whispers
View on GitHub
Identify hardcoded secrets in static structured text (version 2)
☆98Feb 5, 2025Updated last year
StateFarmIns / CLAWS
View on GitHub
This application was built to help reduce the amount of time it takes to review AWS Lambda code.
☆61Nov 11, 2024Updated last year
yacwagh / FAAST
View on GitHub
Prototype of Full Agentic Application Security Testing, FAAST = SAST + DAST + LLM agents
☆66May 1, 2025Updated 10 months ago
cosad3s / postleaks
View on GitHub
Search for sensitive data in Postman public library.
☆214Aug 28, 2025Updated 6 months ago
projectdiscovery / openrisk
View on GitHub
openrisk is a tool that generates a risk score based on the results of a Nuclei scan.
☆180Dec 22, 2025Updated 2 months ago
mllamazares / STRIDE-vs-ASVS
View on GitHub
🖇️ equivalence table between OWASP ASVS standard and STRIDE threat modeling methodology.
☆76Aug 22, 2024Updated last year
fkie-cad / bountyhunter
View on GitHub
A Caldera plugin for the emulation of complete, realistic cyberattack chains.
☆61Nov 19, 2025Updated 3 months ago
bullfrogsec / bullfrog
View on GitHub
Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows
☆117Updated this week
mschwager / route-detect
View on GitHub
Find authentication (authn) and authorization (authz) security bugs in web application routes.
☆282Sep 11, 2025Updated 5 months ago
marco-lancini / utils
View on GitHub
Useful scripts, Docker images, docker-compose apps, and Terraform modules.
☆149Feb 15, 2026Updated 2 weeks ago
warhorse / ansible-role-cobaltstrike-docker
View on GitHub
Ansible Cobalt Strike (Docker)
☆15Jan 8, 2022Updated 4 years ago
crond-jaist / GridAttackAnalyzer
View on GitHub
GridAttackAnalyzer: Smart Grid Attack Analysis Framework
☆21Feb 15, 2022Updated 4 years ago
3CORESec / Automata
View on GitHub
Automatic detection engineering technical state compliance
☆55Jul 7, 2024Updated last year
Cyberlands-io / epiphany
View on GitHub
A pre-DDoS security assessment tool
☆119Jun 11, 2021Updated 4 years ago