semgrep / semgrep-docs

Related projects: ⓘ

• federicodotta / semgrep-rules
  A collection of my Semgrep rules
  ☆46Updated last year
• franksec42 / Vulnerability-management-maturity
  Maturity Model Collaborative project
  ☆13Updated last year
• apiiro / combobulator
  Dependency Combobulator
  ☆85Updated 8 months ago
• AdnaneKhan / ActionsCacheBlasting
  Proof-of-concept code for research into GitHub Actions Cache poisoning.
  ☆19Updated last month
• vmnguyen / semgrep-rules
  My custom semgrep rules
  ☆18Updated 4 years ago
• nccgroup / nlist
  An nmap script to produce target lists for use with various tools.
  ☆33Updated 3 years ago
• SpiderLabs / masher
  multiple password 'asher using Python’s hashlib
  ☆15Updated 3 years ago
• nccgroup / RFC-Security-Research
  Paper, data and code from Investigating Potential Security Vulnerability Manifestation through Various Analyses & Inferences Regarding In…
  ☆18Updated 3 years ago
• AdnaneKhan / ActionsTOCTOU
  Example repository for GitHub Actions Time of Check to Time of Use (TOCTOU vulnerabilities)
  ☆20Updated 2 months ago
• nccgroup / cowcloud
  ☆58Updated last year
• PortSwigger / attack-surface-detector
  The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters
  ☆13Updated 2 years ago
• PortSwigger / paramalyzer
  Paramalyzer - Burp extension for parameter analysis of large-scale web application penetration tests.
  ☆30Updated last year
• iosifache / semgrep-rules-manager
  Manager of third-party sources of Semgrep rules 🗂
  ☆74Updated last month
• cider-rnd / secret-diver
  ☆30Updated this week
• nccgroup / s3_objects_check
  Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.
  ☆74Updated 2 years ago
• nccgroup / SFPolDevChk
  Salesforce Policy Deviation Checker
  ☆29Updated 3 years ago
• NotSoSecure / cloud-sec-wiki
  Jekyll Files for cloudsecwiki.com
  ☆49Updated 3 years ago
• DefectDojo / Burp-Plugin
  A Burp plugin to export findings to DefectDojo
  ☆29Updated 10 months ago
• zapbot / zap-mgmt-scripts
  ZAP Management Scripts
  ☆20Updated last week
• nccgroup / insject
  insject is a tool for poking at containers. It enables you to run an arbitrary command in a container or any mix of Linux namespaces.
  ☆49Updated 2 years ago
• twistlock / lambda-persistency-poc
  PoC for gaining persistency on vulnerable Lambdas
  ☆30Updated 3 years ago
• JOSHUAJEBARAJ / GCP-GOAT
  GCP GOAT is the vulnerable application for learn the GCP Security
  ☆61Updated 11 months ago
• pry0cc / mapper
  A tool to run nmap against each line in a script.
  ☆16Updated 3 years ago
• OWASP / Application-Security-Curriculum
  ☆19Updated 3 years ago
• akabe1 / akabe1-semgrep-rules
  My collection of Semgrep rules for vulnerability detection on source code (swift, java)
  ☆30Updated 6 months ago
• PortSwigger / aws-security-checks
  AWS Security Checks
  ☆36Updated 6 years ago
• strikergoutham / Anti-Takeover
  Anti-Takeover is a sub domain monitoring tool for (blue/purple) team / internal security team which uses cloud flare. Currently Anti-Take…
  ☆12Updated 4 years ago
• ghostsecurity / waf-btk
  WAF bypass PoC
  ☆43Updated 11 months ago
• shivsahni / NSDetect
  ☆22Updated 2 years ago
• Threagile / run-threagile-action
  GitHub action to run Threagile, the agile threat modeling toolkit, on a repo's threagile.yaml file
  ☆13Updated 4 months ago