Alternatives and similar repositories for cis-benchmarks:

Users that are interested in cis-benchmarks are comparing it to the libraries listed below

• gand3lf / semgrepper
  An extension to use Semgrep inside Burp Suite.
  ☆88Updated last year
• BishopFox / bigip-scanner
  Determine the running software version of a remote F5 BIG-IP management interface.
  ☆66Updated last year
• Lu1sDV / wafme0w
  Fast and lightweight Web Application Firewall Fingerprinting tool
  ☆62Updated 4 months ago
• Sprocket-Security / cvetrends
  cvet is a Python utility for pulling actionable vulnerabilities from cvetrends.com
  ☆39Updated 2 years ago
• kljunowsky / CVE-2022-42889-text4shell
  Apache commons text - CVE-2022-42889 Text4Shell proof of concept exploit.
  ☆55Updated last year
• GovTech-CSG / Autowasp
  BurpSuite Extension: A one-stop pen testing checklist and logger tool
  ☆75Updated 2 years ago
• emgaurav / objectify-s3
  Objectify-s3 is a tool that recursively checks AWS S3 buckets and objects for misconfigured permissions.
  ☆15Updated 8 months ago
• adulau / active-scanning-techniques
  A compilation of network scanning strategies to find vulnerable devices
  ☆73Updated 2 years ago
• thelicato / fire
  Take domains on stdin and output them on stdout if they get resolved
  ☆33Updated 2 years ago
• righettod / website-passive-reconnaissance
  Script to automate, when possible, the passive reconnaissance performed on a website prior to an assessment.
  ☆37Updated this week
• mhaskar / Bughound
  Static code analysis tool based on Elasticsearch
  ☆129Updated 4 years ago
• Leoid / AWSBurpCollaborator
  Deploy a Private Burpsuite Collaborator using boto3 Python Library
  ☆57Updated 5 years ago
• justmorpheus / burp-automation
  Performing automated scan using Burp Suite Pro & Vmware Burp Rest API
  ☆49Updated 2 years ago
• riramar / h2csmuggler-proxy
  This script just implement a proxy over h2cSmuggler so you can navigate in your browser making requests to the back-end server.
  ☆37Updated 2 years ago
• H4rk3nz0 / Exploits
  A selection of rebuilt and from scratch exploits, scripts and ideas that can be used in red-teaming scenarios.
  ☆6Updated last year
• AbstractClass / CloudPrivs
  Determine privileges from cloud credentials via brute-force testing.
  ☆67Updated 8 months ago
• jaeles-project / jaeles-plugins
  Default plugins for Jaeles Scanner
  ☆33Updated 4 years ago
• dsecuredcom / yataf
  yataf extracts secrets and paths from files or urls - its best used against javascript files
  ☆52Updated 7 months ago
• zer1t0 / awsenum
  Enumerate AWS permissions and resources.
  ☆68Updated 2 years ago
• projectdiscovery / network-fingerprint
  A fingerprint generation helper for nuclei network templates
  ☆72Updated 2 years ago
• austinsonger / OSCP
  Tracking my journey towards earning my OSCP. This includes the process of everything that I learn along the way.
  ☆47Updated 3 years ago
• righettod / log4shell-analysis
  Contains all my research and content produced regarding the log4shell vulnerability
  ☆31Updated 3 years ago
• dillonfranke / protoburp
  Encode and Fuzz Custom Protobuf Messages in Burp Suite
  ☆30Updated last month
• bcoles / jira_scan
  A simple remote scanner for Atlassian Jira
  ☆121Updated 2 years ago
• Orange-Cyberdefense / CVE-repository
  Repository of CVE found by OCD people
  ☆76Updated 9 months ago
• yozgarcia / el_segmentador
  Tool to automate corporate network segmentation test
  ☆19Updated 4 years ago
• JOSHUAJEBARAJ / GCP-GOAT
  GCP GOAT is the vulnerable application for learn the GCP Security
  ☆64Updated last year
• geeknik / nuclei-template-generator
  A simple tool which makes creating nuclei templates even easier.
  ☆36Updated 10 months ago
• nccgroup / ccs
  ☆110Updated last year
• jorgeorchilles / presentations
  Slides and materials for conference presentations
  ☆11Updated last year