nccgroup / cqLinks
β116Updated 2 years ago
Alternatives and similar repositories for cq
Users that are interested in cq are comparing it to the libraries listed below
Sorting:
- A GraphQL enumeration and extraction toolβ133Updated 2 years ago
- Create notes during a security code review in VSCode π Import your favorite SAST tool findings π οΈ and collaborate with others π€β137Updated 5 months ago
- A curated list of argument injection vectorsβ41Updated 7 months ago
- β113Updated 2 years ago
- β85Updated last month
- Encode and Fuzz Custom Protobuf Messages in Burp Suiteβ33Updated 6 months ago
- Command line fuzzer and bruteforcer πͺ wfuzz for commandβ89Updated 3 years ago
- Blogpost series showcasing interesting cloud - web app security bugsβ49Updated 2 years ago
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagramsβ105Updated 7 months ago
- β94Updated 2 years ago
- HardeningMeter is an open-source Python tool carefully designed to comprehensively assess the security hardening of binaries and systems.β64Updated 10 months ago
- Create tar/zip archives that try to exploit zipslip vulnerability.β48Updated last year
- Some of my rough notes for Docker threat detectionβ47Updated 2 years ago
- An experimental project exploring the use of Large Language Models (LLMs) to solve HackTheBox machines autonomously.β73Updated this week
- Use the GCP testIamPermissions functionality to bruteforce and discover your permissionsβ40Updated 3 months ago
- Upload files done during my research.β165Updated 5 months ago
- Manager of third-party sources of Semgrep rules πβ87Updated last year
- This repository offers insights and a proof-of-concept tool to exploit two significant deserialization vulnerabilities in Inductive Automβ¦β45Updated last year
- Programmatically create hunting rules for deserialization exploitation with multiple keywords, gadget chains, object types, encodings, anβ¦β144Updated 2 years ago
- CQ, a code security scannerβ100Updated last year
- External Playbooks for Public Accessβ39Updated 7 months ago
- Presentation materials for my Black Hat USA 2022 Briefing and Arsenal talksβ65Updated 3 years ago
- HazProne is a Cloud Pentesting Framework that emulates close to Real-World Scenarios by deploying Vulnerable-By-Demand AWS resources enabβ¦β40Updated 3 years ago
- CoWitness is a powerful web application testing tool that enhances the accuracy and efficiency of your testing efforts. It allows you to β¦β125Updated last year
- Verizon Burp Extensions: AI Suiteβ138Updated 5 months ago
- β33Updated 2 years ago
- β50Updated last year
- Tools to assess DNS security.β152Updated last year
- GTFOArgs is a curated list of programs and their associated arguments that can be exploited to gain privileged access or execute arbitrarβ¦β131Updated 10 months ago
- Burp Extension to add additional functionality for pentesting websocket based applicationsβ98Updated 3 weeks ago