wspr-ncsu / github-actions-security-analysis
☆10Updated 8 months ago
Related projects: ⓘ
- Reference architecture and proof of concept implementation for supply chain security gateway☆23Updated last year
- A small library to alter AWS API requests; Used for fuzzing research☆21Updated 10 months ago
- PoC for gaining persistency on vulnerable Lambdas☆30Updated 3 years ago
- A meta-database collecting resources that compile lists of breaches☆17Updated 5 months ago
- Proof-of-concept code for research into GitHub Actions Cache poisoning.☆19Updated last month
- insject is a tool for poking at containers. It enables you to run an arbitrary command in a container or any mix of Linux namespaces.☆49Updated 2 years ago
- HoneyZure is a honeypot tool specifically designed for Azure environments, fully provisioned through Terraform. It leverages a Log Analyt…☆15Updated 3 months ago
- Quick WAF "paranoid" Doctor Evaluation | WAFPARAN01D3 Tool☆25Updated 2 years ago
- A curated list of argument injection vectors☆37Updated 3 weeks ago
- ☆15Updated 7 months ago
- Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.☆38Updated 9 months ago
- ☆22Updated 3 years ago
- Fun tools around the EBS Direct API☆17Updated 3 years ago
- An implementation of infrastructure-as-code scanning using dynamic tooling.☆56Updated 2 years ago
- ☆17Updated 2 years ago
- python3 scripts to help with aws triage needs☆15Updated 2 years ago
- ☆58Updated last year
- Go module that returns supported regions for a service or supported services for a region☆14Updated 3 months ago
- Example repository for GitHub Actions Time of Check to Time of Use (TOCTOU vulnerabilities)☆20Updated 2 months ago
- Tool for reconnaissance of AWS cloud environments☆13Updated 11 months ago
- AWS SSO serverless phishing API.☆29Updated 3 years ago
- Salesforce Policy Deviation Checker☆29Updated 3 years ago
- ☆15Updated this week
- Konstellation is a configuration-driven CLI tool to enumerate cloud resources and store the data into Neo4j.☆19Updated last year
- My collection of Semgrep rules for vulnerability detection on source code (swift, java)☆30Updated 6 months ago
- Exploit CVE-2021-25735: Kubernetes Validating Admission Webhook Bypass☆18Updated 3 years ago
- Modron - Cloud security compliance☆32Updated 10 months ago
- The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters☆13Updated 2 years ago
- An Evil OIDC Server☆49Updated last year
- Blogpost series showcasing interesting cloud - web app security bugs☆44Updated last year