nccgroup / cqLinks
☆116Updated 2 years ago
Alternatives and similar repositories for cq
Users that are interested in cq are comparing it to the libraries listed below
Sorting:
- ☆72Updated last week
- A GraphQL enumeration and extraction tool☆132Updated 2 years ago
- Encode and Fuzz Custom Protobuf Messages in Burp Suite☆32Updated 5 months ago
- Use the GCP testIamPermissions functionality to bruteforce and discover your permissions☆39Updated last month
- A curated list of argument injection vectors☆41Updated 6 months ago
- Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝☆134Updated 4 months ago
- Blogpost series showcasing interesting cloud - web app security bugs☆49Updated 2 years ago
- Create tar/zip archives that try to exploit zipslip vulnerability.☆47Updated 10 months ago
- Some of my rough notes for Docker threat detection☆47Updated last year
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams☆105Updated 6 months ago
- External Playbooks for Public Access☆39Updated 6 months ago
- HardeningMeter is an open-source Python tool carefully designed to comprehensively assess the security hardening of binaries and systems.☆63Updated 8 months ago
- Simple PoC for demonstrating Race Conditions on Websockets☆55Updated last year
- Verizon Burp Extensions: AI Suite☆132Updated 3 months ago
- Command line fuzzer and bruteforcer 🌪 wfuzz for command☆88Updated 2 years ago
- HazProne is a Cloud Pentesting Framework that emulates close to Real-World Scenarios by deploying Vulnerable-By-Demand AWS resources enab…☆40Updated 3 years ago
- An Evil OIDC Server☆53Updated 2 years ago
- Programmatically create hunting rules for deserialization exploitation with multiple keywords, gadget chains, object types, encodings, an…☆143Updated 2 years ago
- Enumerate AWS permissions and resources.☆70Updated 3 years ago
- CoWitness is a powerful web application testing tool that enhances the accuracy and efficiency of your testing efforts. It allows you to …☆125Updated last year
- This repository offers insights and a proof-of-concept tool to exploit two significant deserialization vulnerabilities in Inductive Autom…☆45Updated last year
- Manager of third-party sources of Semgrep rules 🗂☆87Updated last year
- ☆94Updated 2 years ago
- CQ, a code security scanner☆100Updated last year
- ☆50Updated last year
- Burp Suite extension for testing Passkey systems.☆73Updated 4 months ago
- Cake Fuzzer is a project that is meant to help automatically and continuously discover vulnerabilities in web applications created based …☆100Updated 3 weeks ago
- Presentation materials for my Black Hat USA 2022 Briefing and Arsenal talks☆65Updated 3 years ago
- ☆112Updated 2 years ago
- using ML models for red teaming☆44Updated 2 years ago