nielsing / yar

Related projects: ⓘ

• BishopFox / smogcloud
  Find cloud assets that no one wants exposed 🔎 ☁️
  ☆330Updated 4 years ago
• koenrh / s3enum
  Fast and stealthy Amazon S3 bucket enumeration tool for pentesters.
  ☆215Updated 3 months ago
• DolosGroup / Jenkins-Pillage
  A tool for automatically gathering sensitive information from exposed Jenkins servers
  ☆103Updated last year
• duo-labs / secret-bridge
  Monitors Github for leaked secrets
  ☆188Updated last month
• lanrat / certgraph
  An open source intelligence tool to crawl the graph of certificate Alternate Names
  ☆341Updated 7 months ago
• lc / secretz
  secretz, minimizing the large attack surface of Travis CI
  ☆321Updated 2 years ago
• BishopFox / dufflebag
  Search exposed EBS volumes for secrets
  ☆278Updated last year
• MindPointGroup / cloudfrunt
  A tool for identifying misconfigured CloudFront domains
  ☆342Updated 4 years ago
• haxrob / commit-stream
  ☆298Updated this week
• Plazmaz / leaky-repo
  Benchmarking repo for secrets scanning
  ☆229Updated last month
• dxa4481 / truffleHogRegexes
  These are the regexes that power truffleHog
  ☆209Updated last year
• nccgroup / tracy
  A tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.
  ☆552Updated last year
• stevenaldinger / decker
  Declarative penetration testing orchestration framework
  ☆288Updated 4 years ago
• sudosammy / knary
  A simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams/Lark/Telegram & Pushover support
  ☆288Updated last month
• PaperMtn / gitlab-watchman
  Finding exposed secrets and personal data in GitLab
  ☆195Updated last year
• welchbj / bscan
  an asynchronous target enumeration tool
  ☆239Updated last year
• Voulnet / barq
  barq: The AWS Cloud Post Exploitation framework!
  ☆385Updated last year
• 0xbharath / slurp-old
  A tool to enumerate S3 buckets manually or via certstream
  ☆80Updated last year
• cr0hn / festin
  FestIn - Open S3 Bucket Scanner
  ☆227Updated 3 years ago
• moloch-- / burp-multiplayer
  Burp with Friends
  ☆99Updated last year
• C-Sto / recursebuster
  rapid content discovery tool for recursively querying webservers, handy in pentesting and web application assessments
  ☆242Updated 4 years ago
• 0x4D31 / burpa
  Burp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Applica…
  ☆480Updated 6 years ago
• FSecureLABS / dref
  DNS Rebinding Exploitation Framework
  ☆479Updated 3 years ago
• AbsoZed / DockerPwn.py
  Python automation of Docker.sock abuse
  ☆210Updated last year
• ropnop / serverless_toolkit
  A collection of useful Serverless functions I use when pentesting
  ☆379Updated last year
• SolomonSklash / chomp-scan
  A scripted pipeline of tools to streamline the bug bounty/penetration test reconnaissance phase, so you can focus on chomping bugs.
  ☆393Updated 4 years ago
• 0xSearches / sandcastle
  🏰 A Python script for AWS S3 bucket enumeration.
  ☆137Updated last year
• emtunc / SlackPirate
  Slack Enumeration and Extraction Tool - extract sensitive information from a Slack Workspace
  ☆725Updated 3 years ago
• pseudo-security / slacksecrets
  Scans Slack for API tokens, credentials, passwords, and more using YARA rules
  ☆37Updated 3 years ago