Alternatives and similar repositories for cis-benchmarks

Users that are interested in cis-benchmarks are comparing it to the libraries listed below

• AbstractClass / CloudPrivs
  Determine privileges from cloud credentials via brute-force testing.
  ☆69Updated 9 months ago
• adulau / active-scanning-techniques
  A compilation of network scanning strategies to find vulnerable devices
  ☆73Updated 2 years ago
• mhaskar / Bughound
  Static code analysis tool based on Elasticsearch
  ☆129Updated 4 years ago
• darkarnium / Log4j-CVE-Detect
  Detections for CVE-2021-44228 inside of nested binaries
  ☆34Updated 3 years ago
• GovTech-CSG / Autowasp
  BurpSuite Extension: A one-stop pen testing checklist and logger tool
  ☆75Updated 2 years ago
• Blumira / Kerberoast-Detection
  Kerberoast Detection Script
  ☆30Updated 7 months ago
• projectdiscovery / network-fingerprint
  A fingerprint generation helper for nuclei network templates
  ☆73Updated 2 years ago
• leesoh / np
  A tool to parse, deduplicate, and query multiple port scans.
  ☆59Updated last year
• righettod / log4shell-analysis
  Contains all my research and content produced regarding the log4shell vulnerability
  ☆31Updated 3 years ago
• righel / log4shell_nse
  nse script to inject jndi payloads
  ☆46Updated 3 years ago
• Sprocket-Security / cvetrends
  cvet is a Python utility for pulling actionable vulnerabilities from cvetrends.com
  ☆39Updated 2 years ago
• SygniaLabs / security-cloud-scout
  ☆137Updated 2 years ago
• mandiant / heyserial
  Programmatically create hunting rules for deserialization exploitation with multiple keywords, gadget chains, object types, encodings, an…
  ☆143Updated 2 years ago
• cyware-labs / Threat-Response-Docker
  ☆43Updated 2 years ago
• tenable / audit_files
  Nessus Audit files
  ☆32Updated 2 years ago
• nccgroup / ccs
  ☆111Updated last year
• gand3lf / semgrepper
  An extension to use Semgrep inside Burp Suite.
  ☆89Updated 2 weeks ago
• expl0itabl3 / Redsheet
  Red Teaming & Active Directory Cheat Sheet.
  ☆40Updated last year
• yozgarcia / el_segmentador
  Tool to automate corporate network segmentation test
  ☆20Updated 4 years ago
• lightspin-tech / lightspin-2022-top-7-attack-paths
  Based on Lightspin proprietary data, research, and our tracking of cloud security trends in the market, our research team has compiled a …
  ☆40Updated 2 years ago
• nightwatchcybersecurity / gitbleed_tools
  ☆90Updated 3 years ago
• thesubtlety / go-decrypt-jenkins
  Simple tool to decrypt Jenkins encrypted strings
  ☆76Updated last year
• stafordtituss / HazProne
  HazProne is a Cloud Pentesting Framework that emulates close to Real-World Scenarios by deploying Vulnerable-By-Demand AWS resources enab…
  ☆39Updated 2 years ago
• vmware-labs / attack-surface-framework
  Tool to discover external and internal network attack surface
  ☆198Updated last year
• nicolasriverocorvalan / cloud-sniper
  Virtual Security Operations Center
  ☆50Updated last year
• WhiteOakSecurity / GoAWSConsoleSpray
  Tool to spray AWS Console IAM Logins
  ☆29Updated 2 years ago
• Rhynorater / Okta-Password-Sprayer
  This script is a multi-threaded Okta password sprayer.
  ☆70Updated last year
• OWASP / owasp-cstg
  ☆36Updated 4 years ago
• BushidoUK / Abused-Legitimate-Services
  Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups
  ☆60Updated 2 years ago
• NicholasSpringer / thunder-ctf
  GCP cloud security CTF
  ☆45Updated last month