nccgroup / ccs
β110Updated last year
Alternatives and similar repositories for ccs:
Users that are interested in ccs are comparing it to the libraries listed below
- truffleproc β hunt secrets in process memory (TruffleHog & gdb mashup)β113Updated last year
- Create notes during a security code review in VSCode π Import your favorite SAST tool findings π οΈ and collaborate with others π€β132Updated last year
- boostsecurityio/lotpβ110Updated last month
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagramsβ101Updated this week
- Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.β39Updated last year
- POC tool to create signed AWS API GET requests to bypass Guard Duty alerting of off-instance credential use via SSRFβ58Updated last year
- β58Updated last year
- A tool for scanning public or private AMIs for sensitive files and secrets. The tool follows the research made on AWS CloudQuarry where wβ¦β97Updated 2 months ago
- DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raiderβ138Updated 3 years ago
- ποΈ STRIDE vs. ASVS equivalence tableβ75Updated 4 months ago
- openrisk is a tool that generates a risk score based on the results of a Nuclei scan.β167Updated 8 months ago
- Protect against subdomain takeoverβ93Updated 7 months ago
- This tool analyzes a given Gitlab repository and searches for dangling or force-pushed commits containing potential secret or interestingβ¦β45Updated 5 months ago
- GCP GOAT is the vulnerable application for learn the GCP Securityβ63Updated last year
- Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive filesβ214Updated 3 weeks ago
- Nuclei plugins to audit Chrome extensionsβ64Updated 6 months ago
- Find authentication (authn) and authorization (authz) security bugs in web application routes.β254Updated 6 months ago
- β115Updated last year
- Hide from the InstanceCredentialExfiltration GuardDuty finding by using VPC Endpointsβ113Updated last year
- This is a RSS feed collection for all the InfoSec Content Creatorsβ30Updated last year
- Blogpost series showcasing interesting cloud - web app security bugsβ47Updated last year
- Tools to assess DNS security.β151Updated 10 months ago
- β161Updated 4 months ago
- A simple script which implements different Cognito attacks such as Account Oracle or Priviledge Escalationβ101Updated 11 months ago
- WhereToGo - is a list of popular services that might be used in organizations. By having an account of the user - you can try to find entβ¦β118Updated 2 years ago
- FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application aβ¦β157Updated 2 months ago
- HASH (HTTP Agnostic Software Honeypot)β133Updated 8 months ago
- This application was built to help reduce the amount of time it takes to review AWS Lambda code.β60Updated 2 months ago
- Manager of third-party sources of Semgrep rules πβ77Updated 5 months ago
- Recon tool for cloud provider attribution. Supports AWS, Azure, Google, Cloudflare, and Digital Ocean.β164Updated 2 months ago