Alternatives and similar repositories for cis-benchmarks

Users that are interested in cis-benchmarks are comparing it to the libraries listed below

• softrams / bulwark
  An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
  ☆182Updated last month
• vmware-labs / attack-surface-framework
  Tool to discover external and internal network attack surface
  ☆204Updated last year
• mhaskar / Bughound
  Static code analysis tool based on Elasticsearch
  ☆129Updated 4 years ago
• matiassequeira / docker_explorer
  Scan DockerHub images that match a keyword to find secrets.
  ☆61Updated 4 years ago
• nccgroup / ccs
  ☆114Updated 2 years ago
• grines / scour
  ☆127Updated last year
• PortSwigger / nuclei-burp-integration
  Simple extension that allows to run nuclei scanner directly from burp and transforms json results into the issues.
  ☆31Updated 2 years ago
• gand3lf / semgrepper
  An extension to use Semgrep inside Burp Suite.
  ☆89Updated 7 months ago
• tenable / audit_files
  Nessus Audit files
  ☆32Updated 2 years ago
• RossGeerlings / webstor
  WebStor efficiently enumerates all websites across your organization’s networks and those in your DNS records - including cloud-hosted se…
  ☆156Updated last year
• darkarnium / Log4j-CVE-Detect
  Detections for CVE-2021-44228 inside of nested binaries
  ☆35Updated 4 years ago
• nccgroup / cloud_ip_ranges
  Identify IP addresses owned by public cloud providers
  ☆126Updated last year
• Ebryx / Nessus_Map
  Parse .nessus file(s) and shows output in interactive UI
  ☆163Updated this week
• prjblk / nessus-database-export
  Script to export Nessus results to a relational database for use in reports, analysis, or whatever else.
  ☆70Updated 8 months ago
• reconmap / web-client
  Reconmap's web client written in React. Manage all your pentest projects from a single place.
  ☆51Updated this week
• The-Login / DNS-Reset-Checker
  Tools to assess the DNS security of web applications
  ☆128Updated 3 years ago
• nicolasriverocorvalan / cloud-sniper
  Virtual Security Operations Center
  ☆52Updated 2 years ago
• AbstractClass / CloudPrivs
  Determine privileges from cloud credentials via brute-force testing.
  ☆67Updated last year
• GovTech-CSG / Autowasp
  BurpSuite Extension: A one-stop pen testing checklist and logger tool
  ☆76Updated 3 years ago
• Orange-Cyberdefense / versionshaker
  Find the remote website version based on a git repository
  ☆126Updated 4 years ago
• nightwatchcybersecurity / gitbleed_tools
  ☆90Updated 3 years ago
• Macmod / STARS
  A multi-cloud DNS record scanner that aims to help cybersecurity/IT analysts identify dangling CNAME records in their cloud DNS services …
  ☆50Updated 2 years ago
• JOSHUAJEBARAJ / GCP-GOAT
  GCP GOAT is the vulnerable application for learn the GCP Security
  ☆70Updated 7 months ago
• primait / nuvola
  ☆142Updated last week
• nccgroup / whalescan
  Whalescan is a vulnerability scanner for Windows containers, which performs several benchmark checks, as well as checking for CVEs/vulner…
  ☆156Updated 2 years ago
• bcoles / jira_scan
  A simple remote scanner for Atlassian Jira
  ☆121Updated 2 years ago
• g3rzi / HackingKubernetes
  This repository contain any information that can be used to hack Kubernetes
  ☆111Updated 3 years ago
• PortSwigger / saml-raider
  SAML2 Burp Extension
  ☆33Updated 3 weeks ago
• adulau / active-scanning-techniques
  A compilation of network scanning strategies to find vulnerable devices
  ☆73Updated 3 years ago
• NotSoSecure / cloud-sec-wiki
  Jekyll Files for cloudsecwiki.com
  ☆49Updated 4 years ago