s0rcy / semgrep-rulesLinks
Collection of Semgrep rules for security analysis
☆11Updated last year
Alternatives and similar repositories for semgrep-rules
Users that are interested in semgrep-rules are comparing it to the libraries listed below
Sorting:
- OAuth 2.0 Dynamic Security Scanner☆33Updated 4 years ago
- A shortlist of core ServiceNow tables.☆14Updated 2 years ago
- ☆60Updated 2 years ago
- An Evil OIDC Server☆54Updated 3 years ago
- Interactsh deployment to AWS EC2 Instance with Terraform☆12Updated 3 years ago
- Python's handling of NaN is....interesting?broken?...this project illustrates the issue☆13Updated 3 years ago
- Provides an overview of the inner file structure of a PDF☆25Updated 3 years ago
- ☆21Updated last month
- Create tar/zip archives that try to exploit zipslip vulnerability.☆48Updated last year
- Quick WAF "paranoid" Doctor Evaluation | WAFPARAN01D3 Tool☆24Updated 3 years ago
- A Python-based tool to create zip, tar and cpio archives to exploit common archive library issues and developer mistakes☆43Updated 2 years ago
- A python script to create a fake GitHub runner and hijack pipeline jobs to leak CI/CD secrets.☆27Updated last year
- ☆25Updated last week
- A set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard certificate in as simple a p…☆30Updated 9 months ago
- A collection of my Semgrep rules☆51Updated 2 years ago
- A GitHub Actions Supply Chain CTF / Goat☆24Updated 2 weeks ago
- ☆10Updated 6 years ago
- ☆50Updated last year
- Additional active scan checks for BURP☆28Updated last year
- Detect public repository dependencies in the GitHub repositories with an orphan required library.☆20Updated 4 months ago
- ☆90Updated 3 years ago
- Example of a serverless web reconaissance workflow's AWS architecture.☆11Updated 2 years ago
- Simple S3 Bucket Testing Software☆31Updated 3 years ago
- Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.☆42Updated last year
- Deployment code for ashirt-server☆20Updated last week
- ☆23Updated 3 years ago
- Take domains on stdin and output them on stdout if they get resolved☆33Updated 3 years ago
- ☆15Updated 3 years ago
- ☆17Updated 3 years ago
- Supporting material for the "Hunting Bugs In The Tropics" DEFCON 30 talk☆10Updated 3 years ago