nccgroup / cqLinks
☆116Updated 2 years ago
Alternatives and similar repositories for cq
Users that are interested in cq are comparing it to the libraries listed below
Sorting:
- Encode and Fuzz Custom Protobuf Messages in Burp Suite☆33Updated 5 months ago
- Blogpost series showcasing interesting cloud - web app security bugs☆49Updated 2 years ago
- A GraphQL enumeration and extraction tool☆133Updated 2 years ago
- A curated list of argument injection vectors☆41Updated 7 months ago
- ☆82Updated last month
- ☆94Updated 2 years ago
- Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝☆134Updated 5 months ago
- Use the GCP testIamPermissions functionality to bruteforce and discover your permissions☆40Updated 2 months ago
- Command line fuzzer and bruteforcer 🌪 wfuzz for command☆89Updated 2 years ago
- An Evil OIDC Server☆53Updated 2 years ago
- Create tar/zip archives that try to exploit zipslip vulnerability.☆47Updated 11 months ago
- Enumerate AWS permissions and resources.☆70Updated 3 years ago
- Programmatically create hunting rules for deserialization exploitation with multiple keywords, gadget chains, object types, encodings, an…☆144Updated 2 years ago
- Upload files done during my research.☆164Updated 4 months ago
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams☆105Updated 7 months ago
- This repository offers insights and a proof-of-concept tool to exploit two significant deserialization vulnerabilities in Inductive Autom…☆45Updated last year
- HazProne is a Cloud Pentesting Framework that emulates close to Real-World Scenarios by deploying Vulnerable-By-Demand AWS resources enab…☆40Updated 3 years ago
- HardeningMeter is an open-source Python tool carefully designed to comprehensively assess the security hardening of binaries and systems.☆63Updated 9 months ago
- DEFCON 30 Mainframe buffer overlow workshop container☆90Updated last year
- ☆50Updated last year
- A collection of my Semgrep rules☆49Updated 2 years ago
- ☆112Updated 2 years ago
- Tools to assess DNS security.☆152Updated last year
- Burp Extension to add additional functionality for pentesting websocket based applications☆98Updated last week
- External Playbooks for Public Access☆39Updated 7 months ago
- EC2StepShell is an AWS post-exploitation tool for getting high privileges reverse shells in public or private EC2 instances.☆66Updated 11 months ago
- Slip is a CLI tool to create malicious archive files containing path traversal payloads. It supports zip, tar, 7z and zip-like (jar, war,…☆104Updated 3 months ago
- CQ, a code security scanner☆100Updated last year
- ☆33Updated 2 years ago
- ☆106Updated 2 years ago