nccgroup / ccsLinks
β111Updated 2 years ago
Alternatives and similar repositories for ccs
Users that are interested in ccs are comparing it to the libraries listed below
Sorting:
- Create notes during a security code review in VSCode π Import your favorite SAST tool findings π οΈ and collaborate with others π€β133Updated 2 months ago
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagramsβ105Updated 4 months ago
- boostsecurityio/lotpβ126Updated 2 months ago
- Protect against subdomain takeoverβ92Updated last year
- POC tool to create signed AWS API GET requests to bypass Guard Duty alerting of off-instance credential use via SSRFβ58Updated last year
- Recon tool for cloud provider attribution. Supports AWS, Azure, Google, Cloudflare, and Digital Ocean.β168Updated 7 months ago
- β57Updated 2 years ago
- A tool for scanning public or private AMIs for sensitive files and secrets. The tool follows the research made on AWS CloudQuarry where wβ¦β108Updated 7 months ago
- truffleproc β hunt secrets in process memory (TruffleHog & gdb mashup)β118Updated last year
- Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.β41Updated last year
- Hide from the InstanceCredentialExfiltration GuardDuty finding by using VPC Endpointsβ117Updated last year
- Tools to assess DNS security.β152Updated last year
- GCP GOAT is the vulnerable application for learn the GCP Securityβ64Updated last month
- ποΈ STRIDE vs. ASVS equivalence tableβ76Updated 9 months ago
- This application was built to help reduce the amount of time it takes to review AWS Lambda code.β60Updated 7 months ago
- β184Updated 2 months ago
- Scan DockerHub images that match a keyword to find secrets.β59Updated 4 years ago
- This tool analyzes a given Gitlab repository and searches for dangling or force-pushed commits containing potential secret or interestingβ¦β47Updated 10 months ago
- Manager of third-party sources of Semgrep rules πβ87Updated 11 months ago
- Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accountsβ61Updated 2 years ago
- DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raiderβ139Updated 3 years ago
- openrisk is a tool that generates a risk score based on the results of a Nuclei scan.β171Updated 4 months ago
- β47Updated last year
- β115Updated 2 years ago
- Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive filesβ218Updated last week
- IMDSPOOF is a cyber deception tool that spoofs the AWS IMDS service to return HoneyTokens that can be alerted on.β103Updated last year
- β137Updated 2 years ago
- Blogpost series showcasing interesting cloud - web app security bugsβ49Updated 2 years ago
- An extension to use Semgrep inside Burp Suite.β89Updated 3 weeks ago
- Ansible/Vagrant/Packer files to create a virtual machine with the tooling needed to perform cloud security assessmentsβ141Updated 5 months ago