Alternatives and similar repositories for cis-benchmarks

Users that are interested in cis-benchmarks are comparing it to the libraries listed below

• softrams / bulwark
  An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
  ☆183Updated this week
• mhaskar / Bughound
  Static code analysis tool based on Elasticsearch
  ☆130Updated 5 years ago
• vmware-labs / attack-surface-framework
  Tool to discover external and internal network attack surface
  ☆203Updated last year
• matiassequeira / docker_explorer
  Scan DockerHub images that match a keyword to find secrets.
  ☆61Updated 4 years ago
• Patrowl / PatrowlHears
  PatrowlHears - Vulnerability Intelligence Center / Exploits
  ☆166Updated last week
• reconmap / web-client
  Reconmap's web client written in React. Manage all your pentest projects from a single place.
  ☆51Updated last week
• projectdiscovery / openrisk
  openrisk is a tool that generates a risk score based on the results of a Nuclei scan.
  ☆180Updated last month
• nccgroup / cloud_ip_ranges
  Identify IP addresses owned by public cloud providers
  ☆125Updated last year
• darkarnium / Log4j-CVE-Detect
  Detections for CVE-2021-44228 inside of nested binaries
  ☆35Updated 4 years ago
• pry0cc / proteus
  A projectdiscovery driven attack surface monitoring bot powered by axiom
  ☆190Updated 3 years ago
• gand3lf / semgrepper
  An extension to use Semgrep inside Burp Suite.
  ☆89Updated 8 months ago
• cybervelia / graphicator
  A GraphQL enumeration and extraction tool
  ☆134Updated 3 years ago
• trickest / find-gh-poc
  Find CVE PoCs on GitHub
  ☆158Updated 6 months ago
• Anof-cyber / Pentest-Mapper
  A Burp Suite Extension for pentester and bug bounty hunters an to maintain checklist, map flows, write test cases and track vulnerabiliti…
  ☆119Updated 2 years ago
• righettod / log4shell-analysis
  Contains all my research and content produced regarding the log4shell vulnerability
  ☆31Updated 4 years ago
• dsecuredcom / yataf
  yataf extracts secrets and paths from files or urls - its best used against javascript files
  ☆52Updated last year
• The-Login / DNS-Analysis-Server
  Tools to assess DNS security.
  ☆153Updated last year
• GovTech-CSG / Autowasp
  BurpSuite Extension: A one-stop pen testing checklist and logger tool
  ☆76Updated 3 years ago
• ne0z / DamnVulnerableMicroServices
  This is vulnerable microservice written in many language to demonstrating OWASP API Top Security Risk (under development)
  ☆45Updated 3 years ago
• bcoles / jira_scan
  A simple remote scanner for Atlassian Jira
  ☆121Updated 3 years ago
• alt3kx / CVE-2022-22965
  Spring Framework RCE (CVE-2022-22965) Nmap (NSE) Checker (Non-Intrusive)
  ☆101Updated 3 years ago
• nccgroup / ccs
  ☆114Updated 2 years ago
• hakluke / hakrevshell
  ☆38Updated 4 years ago
• PortSwigger / nuclei-burp-integration
  Simple extension that allows to run nuclei scanner directly from burp and transforms json results into the issues.
  ☆31Updated 2 years ago
• adulau / active-scanning-techniques
  A compilation of network scanning strategies to find vulnerable devices
  ☆73Updated 3 years ago
• The-Login / DNS-Reset-Checker
  Tools to assess the DNS security of web applications
  ☆128Updated 3 years ago
• trinitor / CVE-Vulnerability-Information-Downloader
  Downloads Information from NIST (CVSS), first.org (EPSS), and CISA (Exploited Vulnerabilities) and combines them into one list. Reports f…
  ☆142Updated 3 years ago
• nightwatchcybersecurity / gitbleed_tools
  ☆90Updated 3 years ago
• prjblk / nessus-database-export
  Script to export Nessus results to a relational database for use in reports, analysis, or whatever else.
  ☆70Updated 9 months ago
• grines / scour
  ☆127Updated last year