sec-mirror / cis-benchmarks

Related projects ⓘ

Alternatives and complementary repositories for cis-benchmarks

• lightspin-tech / lightspin-2022-top-7-attack-paths
  Based on Lightspin proprietary data, research, and our tracking of cloud security trends in the market, our research team has compiled a …
  ☆39Updated 2 years ago
• vmware-labs / attack-surface-framework
  Tool to discover external and internal network attack surface
  ☆192Updated 5 months ago
• AbstractClass / CloudPrivs
  Determine privileges from cloud credentials via brute-force testing.
  ☆64Updated 2 months ago
• PortSwigger / nuclei-burp-integration
  Simple extension that allows to run nuclei scanner directly from burp and transforms json results into the issues.
  ☆27Updated last year
• doyensec / cloudsec-tidbits
  Blogpost series showcasing interesting cloud - web app security bugs
  ☆46Updated last year
• mhaskar / Bughound
  Static code analysis tool based on Elasticsearch
  ☆130Updated 3 years ago
• projectdiscovery / network-fingerprint
  A fingerprint generation helper for nuclei network templates
  ☆71Updated last year
• nccgroup / ccs
  ☆109Updated last year
• thesubtlety / go-decrypt-jenkins
  Simple tool to decrypt Jenkins encrypted strings
  ☆71Updated last year
• NotSoSecure / cloud-sec-wiki
  Jekyll Files for cloudsecwiki.com
  ☆49Updated 3 years ago
• Lu1sDV / wafme0w
  Fast and lightweight Web Application Firewall Fingerprinting tool
  ☆60Updated last year
• righettod / log4shell-analysis
  Contains all my research and content produced regarding the log4shell vulnerability
  ☆32Updated 2 years ago
• cyware-labs / Threat-Response-Docker
  ☆42Updated last year
• krol3 / kubernetes-security-checklist
  Awesome resources about Security in Kubernetes
  ☆40Updated last year
• Macmod / goblob
  A fast enumeration tool for publicly exposed Azure Storage blobs.
  ☆77Updated last year
• bcoles / jira_scan
  A simple remote scanner for Atlassian Jira
  ☆118Updated last year
• xmpf / mindmaps
  Mindmaps allow to organize and understand information faster and better.
  ☆2Updated 3 years ago
• adulau / active-scanning-techniques
  A compilation of network scanning strategies to find vulnerable devices
  ☆72Updated 2 years ago
• ghostsecurity / waf-btk
  WAF bypass PoC
  ☆43Updated last year
• BishopFox / bigip-scanner
  Determine the running software version of a remote F5 BIG-IP management interface.
  ☆63Updated 10 months ago
• Macmod / STARS
  A multi-cloud DNS record scanner that aims to help cybersecurity/IT analysts identify dangling CNAME records in their cloud DNS services …
  ☆49Updated last year
• carlospolop / Cloudtrail2IAM
  ☆16Updated last year
• JOSHUAJEBARAJ / GCP-GOAT
  GCP GOAT is the vulnerable application for learn the GCP Security
  ☆62Updated last year
• vengatesh-nagarajan / Cloud-pentest
  Resources to learn cloud environment and pentesting the same, contains AWS, Azure, Google Cloud
  ☆50Updated 2 years ago
• vortexau / cdn
  Compiles a list of major CDN and WAF subnets.
  ☆63Updated this week
• GovTech-CSG / Autowasp
  BurpSuite Extension: A one-stop pen testing checklist and logger tool
  ☆74Updated 2 years ago
• cramppet / dank
  a deterministic finite automata ranker
  ☆69Updated 2 years ago
• dsecuredcom / yataf
  yataf extracts secrets and paths from files or urls - its best used against javascript files
  ☆51Updated last month
• sharathkramadas / k8s-nuclei-templates
  Nuclei templates for K8S security scanning
  ☆102Updated 2 years ago