salesforce / lobster-pot

Related projects ⓘ

Alternatives and complementary repositories for lobster-pot

• somethingnew2-0 / SimpleCSPM
  GCP CSPM using Google Sheets
  ☆34Updated 5 months ago
• nccgroup / ConMachi
  Container Blackbox Security Auditing Tool: enumerates security configuration from within the target container
  ☆103Updated 5 years ago
• goldfiglabs / sgCheckup
  sgCheckup generates nmap output based on scanning your AWS Security Groups for unexpected open ports.
  ☆81Updated 3 years ago
• nccgroup / s3_objects_check
  Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.
  ☆74Updated 2 years ago
• Rezonate-io / github-oidc-checker
  Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts
  ☆57Updated last year
• jdyke / gcp-iam-analyzer
  Compares and analyzes GCP IAM roles.
  ☆76Updated 6 months ago
• AirWalk-Digital / AWSXenos
  AWSXenos will list all the trust relationships in all the IAM roles, S3 buckets, and more
  ☆61Updated 5 months ago
• nccgroup / raccoon
  Salesforce object access auditor
  ☆109Updated last year
• 3CORESec / Trapdoor
  Serverless honeytoken 🕵🏻‍♂️
  ☆79Updated last year
• mllamazares / STRIDE-vs-ASVS
  🖇️ STRIDE vs. ASVS equivalence table
  ☆75Updated 3 months ago
• dxa4481 / AttackingAndDefendingTheGCPMetadataAPI
  This repo gives an overview of some GCP metadata API attack and defend patterns
  ☆76Updated 4 years ago
• domain-protect / domain-protect-gcp
  Protect against subdomain takeover
  ☆92Updated 6 months ago
• ncc-erik-steringer / Aerides
  An implementation of infrastructure-as-code scanning using dynamic tooling.
  ☆56Updated 2 years ago
• secmerc / materialize-threats
  ☆61Updated last year
• nccgroup / SFPolDevChk
  Salesforce Policy Deviation Checker
  ☆30Updated 4 years ago
• controlplaneio / truffleproc
  truffleproc — hunt secrets in process memory (TruffleHog & gdb mashup)
  ☆110Updated last year
• crashappsec / github-analyzer
  A tool to check the security settings of Github Organizations.
  ☆69Updated last year
• bullfrogsec / bullfrog
  Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows
  ☆79Updated this week
• gojek / CureIAM
  Clean accounts over permissions in GCP infra at scale
  ☆71Updated last year
• hashicorp-forge / semgrep-rules
  HashiCorp-relevant rules for the Semgrep code analysis tool
  ☆37Updated last year
• SecureStackCo / visualizing-software-supply-chain
  A project to visualize the software supply chain
  ☆36Updated last year
• DigeeX / raider
  DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raider
  ☆138Updated 3 years ago
• Frichetten / aws_stealth_perm_enum
  Research on the enumeration of IAM permissions without logging to CloudTrail
  ☆60Updated 3 years ago
• darkarnium / perimeterator
  'Continuous' AWS perimeter monitoring: Periodically scan internet facing AWS resources to detect misconfigured services.
  ☆62Updated 5 years ago
• matthewdfuller / aws-guides
  AWS docs, guides, and other tools
  ☆76Updated last year
• google / localtoast
  ☆107Updated 2 months ago
• hotnops / AWSRoleJuggler
  A toolset to juggle AWS roles for persistent access
  ☆52Updated 3 months ago
• ScaleSec / project_lockdown
  GCP Auto Remediation Suite for High Risk Events
  ☆42Updated 3 years ago