Cs SuiteCloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.
Stars: ✭ 815 (+288.1%)
cliThe universal GraphQL API and CSPM tool for AWS, Azure, GCP, K8s, and tencent.
Stars: ✭ 811 (+286.19%)
prowlerProwler is an Open Source Security tool for AWS, Azure and GCP to perform Cloud Security best practices assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. It contains hundreds of controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.
Stars: ✭ 8,046 (+3731.43%)
OpencspmOpen Cloud Security Posture Management Engine
Stars: ✭ 191 (-9.05%)
CloudsploitCloud Security Posture Management (CSPM)
Stars: ✭ 1,338 (+537.14%)
Ssti Payloads🎯 Server Side Template Injection Payloads
Stars: ✭ 150 (-28.57%)
AnteaterAnteater - CI/CD Gate Check Framework
Stars: ✭ 174 (-17.14%)
Gcp AuditA tool for auditing security properties of GCP projects.
Stars: ✭ 140 (-33.33%)
Edr Testing ScriptTest the accuracy of Endpoint Detection and Response (EDR) software with simple script which executes various ATT&CK/LOLBAS/Invoke-CradleCrafter/Invoke-DOSfuscation payloads
Stars: ✭ 136 (-35.24%)
Biu FrameworkBiu-framework🚀 Security Scan Framework For Enterprise Intranet Based Services(企业内网基础服务安全扫描框架)
Stars: ✭ 183 (-12.86%)
GcloudGitHub Action for interacting with Google Cloud Platform (GCP)
Stars: ✭ 153 (-27.14%)
Externalsecret OperatorAn operator to fetch secrets from cloud services and inject them in Kubernetes
Stars: ✭ 177 (-15.71%)
Mix audit🕵️♀️ MixAudit provides a mix deps.audit task to scan a project Mix dependencies for known Elixir security vulnerabilities
Stars: ✭ 146 (-30.48%)
Sbt Dependency CheckSBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈
Stars: ✭ 187 (-10.95%)
RecsechRecsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools .
Stars: ✭ 173 (-17.62%)
ReconnoitreA security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Stars: ✭ 1,824 (+768.57%)
ReplicaGhidra Analysis Enhancer 🐉
Stars: ✭ 194 (-7.62%)
GcpsketchnoteIf you are looking to become a Google Cloud Engineer , then you are at the right place. GCPSketchnote is series where I share Google Cloud concepts in quick and easy to learn format.
Stars: ✭ 2,631 (+1152.86%)
DirsearchA Go implementation of dirsearch.
Stars: ✭ 164 (-21.9%)
Find Sec BugsThe SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)
Stars: ✭ 1,748 (+732.38%)
YawastYAWAST ...where a pentest starts. Security Toolkit for Web-based Applications
Stars: ✭ 181 (-13.81%)
Striptlsproxy poc implementation of STARTTLS stripping attacks
Stars: ✭ 163 (-22.38%)
SipptsSet of tools to audit SIP based VoIP Systems
Stars: ✭ 116 (-44.76%)
Git ScannerA tool for bug hunting or pentesting for targeting websites that have open .git repositories available in public
Stars: ✭ 157 (-25.24%)
GardenerKubernetes-native system managing the full lifecycle of conformant Kubernetes clusters as a service on Alicloud, AWS, Azure, GCP, OpenStack, EquinixMetal, vSphere, MetalStack, and Kubevirt with minimal TCO.
Stars: ✭ 2,093 (+896.67%)
LibdiffuzzCustom memory allocator that helps discover reads from uninitialized memory
Stars: ✭ 147 (-30%)
Gcp Data Engineer ExamStudy materials for the Google Cloud Professional Data Engineering Exam
Stars: ✭ 144 (-31.43%)
LyraOpen Source Workflow Engine for Cloud Native Infrastructure
Stars: ✭ 203 (-3.33%)
Sqlite LabThis code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is for fun. Just enjoy it \m/
Stars: ✭ 140 (-33.33%)
Bitcoin EtlETL scripts for Bitcoin, Litecoin, Dash, Zcash, Doge, Bitcoin Cash. Available in Google BigQuery https://goo.gl/oY5BCQ
Stars: ✭ 174 (-17.14%)
YawpKotlin/Java API framework for Google Appengine
Stars: ✭ 136 (-35.24%)
Bosh BootloaderCommand line utility for standing up a BOSH director on an IAAS of your choice.
Stars: ✭ 171 (-18.57%)
NosqlmapAutomated NoSQL database enumeration and web application exploitation tool.
Stars: ✭ 1,928 (+818.1%)
BuccThe fastest way to get a BUCC (BOSH, UAA Credhub and Concourse)
Stars: ✭ 130 (-38.1%)
Zap CliA simple tool for interacting with OWASP ZAP from the commandline.
Stars: ✭ 166 (-20.95%)
Hybrid multicloud overlayMutiCloud_Overlay demonstrates a use case of overlay over one or more clouds such as AWS, Azure, GCP, OCI, Alibaba and a vSphere private infrastructure in Hub and spoke topology, point to point topology and in a Single cloud. Overlay protocols IPv6 and IPv4 are independent of underlying infrastructure. This solution can be integrated with encryption and additional security features.
Stars: ✭ 127 (-39.52%)
CrithitTakes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (-13.33%)
VulscanAdvanced vulnerability scanning with Nmap NSE
Stars: ✭ 2,305 (+997.62%)
Horn3tPowerful Visual Subdomain Enumeration at the Click of a Mouse
Stars: ✭ 120 (-42.86%)
CheckovPrevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.
Stars: ✭ 3,572 (+1600.95%)
MinesweeperA Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Stars: ✭ 162 (-22.86%)
Encrypt.toSend encrypted PGP messages with one click
Stars: ✭ 116 (-44.76%)
WynisAudit Windows Security with best Practice
Stars: ✭ 116 (-44.76%)
DockleContainer Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start
Stars: ✭ 1,713 (+715.71%)
Nndefacctsnnposter's alternate fingerprint dataset for Nmap script http-default-accounts
Stars: ✭ 180 (-14.29%)
Drone GkeDrone plugin for deploying containers to Google Kubernetes Engine (GKE)
Stars: ✭ 159 (-24.29%)
Inspec GcpInSpec GCP (Google Cloud Platform) Resource Pack
Stars: ✭ 113 (-46.19%)
Qwiklabslabs guide for completing qwiklabs challenge
Stars: ✭ 103 (-50.95%)
HardentheworldHarden the world is a community driven project to develop hardening guidelines and checklists for common software and devices.
Stars: ✭ 158 (-24.76%)
WhispersIdentify hardcoded secrets and dangerous behaviours
Stars: ✭ 66 (-68.57%)