sec-mirror / cis-benchmarks

Related projects ⓘ

Alternatives and complementary repositories for cis-benchmarks

• doyensec / cloudsec-tidbits
  Blogpost series showcasing interesting cloud - web app security bugs
  ☆46Updated last year
• AbstractClass / CloudPrivs
  Determine privileges from cloud credentials via brute-force testing.
  ☆64Updated 3 months ago
• gand3lf / semgrepper
  An extension to use Semgrep inside Burp Suite.
  ☆88Updated last year
• nccgroup / ccs
  ☆110Updated last year
• vmware-labs / attack-surface-framework
  Tool to discover external and internal network attack surface
  ☆192Updated 6 months ago
• righel / log4shell_nse
  nse script to inject jndi payloads
  ☆45Updated 2 years ago
• Static-Flow / CloudCopy
  This tool implements a cloud version of the Shadow Copy attack against domain controllers running in AWS using only the EC2:CreateSnapsho…
  ☆117Updated 5 years ago
• JOSHUAJEBARAJ / GCP-GOAT
  GCP GOAT is the vulnerable application for learn the GCP Security
  ☆62Updated last year
• projectdiscovery / network-fingerprint
  A fingerprint generation helper for nuclei network templates
  ☆72Updated 2 years ago
• righettod / log4shell-analysis
  Contains all my research and content produced regarding the log4shell vulnerability
  ☆32Updated 2 years ago
• doyensec / PoiEx
  🌐 Visualize and explore IaC ✒️ Create and share notes in VS Code 🤝 Sync notes and findings in real-time with friends
  ☆71Updated 9 months ago
• mhaskar / Bughound
  Static code analysis tool based on Elasticsearch
  ☆129Updated 3 years ago
• SygniaLabs / security-cloud-scout
  ☆133Updated last year
• cyware-labs / Threat-Response-Docker
  ☆41Updated last year
• Ebryx / Nessus_Map
  Parse .nessus file(s) and shows output in interactive UI
  ☆146Updated 7 months ago
• Blumira / Kerberoast-Detection
  Kerberoast Detection Script
  ☆30Updated 3 weeks ago
• NotSoSecure / cloud-sec-wiki
  Jekyll Files for cloudsecwiki.com
  ☆49Updated 3 years ago
• leesoh / np
  A tool to parse, deduplicate, and query multiple port scans.
  ☆57Updated last year
• GovTech-CSG / Autowasp
  BurpSuite Extension: A one-stop pen testing checklist and logger tool
  ☆74Updated 2 years ago
• darkarnium / Log4j-CVE-Detect
  Detections for CVE-2021-44228 inside of nested binaries
  ☆34Updated 2 years ago
• PortSwigger / nuclei-burp-integration
  Simple extension that allows to run nuclei scanner directly from burp and transforms json results into the issues.
  ☆27Updated last year
• nccgroup / cowcloud
  ☆58Updated last year
• adulau / active-scanning-techniques
  A compilation of network scanning strategies to find vulnerable devices
  ☆73Updated 2 years ago
• jgamblin / CVElk
  Autoconfigured ELK Stack That Contains All EPSS and NVD CVE Data
  ☆47Updated 4 months ago
• telekom-security / cve-2023-3519-citrix-scanner
  Citrix Scanner for CVE-2023-3519
  ☆48Updated last year
• lightspin-tech / lightspin-2022-top-7-attack-paths
  Based on Lightspin proprietary data, research, and our tracking of cloud security trends in the market, our research team has compiled a …
  ☆39Updated 2 years ago
• zer1t0 / awsenum
  Enumerate AWS permissions and resources.
  ☆64Updated 2 years ago
• thelicato / fire
  Take domains on stdin and output them on stdout if they get resolved
  ☆33Updated 2 years ago
• reconmap / web-client
  Reconmap's web client written in React. Manage all your pentest projects from a single place.
  ☆52Updated this week