referefref / gitdoorcheck
Static code analyser for backdoors and malicious code in git repos using OpenAI compatible LLM APIs
☆68Updated 6 months ago
Related projects: ⓘ
- Nuclei plugins to audit Chrome extensions☆64Updated 2 months ago
- Tool for obfuscating and deobfuscating data.☆60Updated 5 months ago
- Identify hardcoded secrets in static structured text (version 2)☆85Updated this week
- a hackbot proof-of-concept☆33Updated 6 months ago
- Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive files☆193Updated 4 months ago
- Stalker, the Extensible Attack Surface Management tool.☆75Updated this week
- A Pentest Collaboration and Reporting Tool☆44Updated 2 weeks ago
- Independently deploy customized honeyservices in AWS to trigger alerts on unauthorized access. It utilizes a dedicated CloudTrail for pre…☆42Updated 4 months ago
- RedFlag uses AI to identify high-risk code changes. Run it in batch mode for release candidate testing or in CI pipelines to flag PRs and…☆137Updated last month
- YouShallNotPass brings an added level of execution security to mission-critical CI/CD Systems.☆36Updated 8 months ago
- EZGHSA is a command-line tool for summarizing and filtering vulnerability alerts on Github repositories.☆35Updated 3 months ago
- Simple Workspace Attack Tool (SWAT) is a tool for simulating malicious behavior against Google Workspace in reference to the MITRE ATT&CK…☆159Updated last month
- Use AI to Scan Your Code from the Command Line for security and code smells. Bring your own keys. Supports OpenAI and Gemini☆143Updated 6 months ago
- Nord Stream is a tool that allows you to extract secrets stored inside CI/CD environments by deploying malicious pipelines. It currently …☆242Updated last month
- A Powerful Network Reconnaissance Tool for Security Professionals☆94Updated 2 months ago
- Build a CVE library with aggregated CISA, EPSS and CVSS data☆27Updated 11 months ago
- Crawlector is a threat hunting framework designed for scanning websites for malicious objects.☆125Updated 9 months ago
- Canary Detection☆159Updated 5 months ago
- FlowAnalyzer is a tool to help in testing and analyzing OAuth 2.0 Flows, including OpenID Connect (OIDC).☆168Updated 2 months ago
- Modular web-application honeypot platform built using go and gin☆52Updated 4 months ago
- Generate datasets of cloud audit logs for common attacks☆158Updated last month
- IMDSPOOF is a cyber deception tool that spoofs the AWS IMDS service to return HoneyTokens that can be alerted on.☆91Updated 9 months ago
- boostsecurityio/lotp☆97Updated 5 months ago
- HashiCorp-relevant rules for the Semgrep code analysis tool☆37Updated 11 months ago
- Gram is Klarna's own threat model diagramming tool☆267Updated last week
- Read Chromium data (namely, cookies and local storage) straight from disk, without spinning up the browser.☆105Updated last month
- ☆60Updated 6 months ago
- 🌐 Visualize and explore IaC ✒️ Create and share notes in VS Code 🤝 Sync notes and findings in real-time with friends☆68Updated 7 months ago
- Protect against subdomain takeover☆92Updated 3 months ago
- This tool analyzes a given Gitlab repository and searches for dangling or force-pushed commits containing potential secret or interesting…☆38Updated last month