一个漏洞扫描工具,可用于扫描容器镜像、系统文件、Git仓库、以及配置和硬编码密钥等
Tfsec is now part of Trivy
翻译 - 🔒🌍为您的Terraform代码提供静态分析支持的安全扫描器
#夺旗赛 (CTF) 和网络安全资源#A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. It takes advantage of a specific misconfiguration or flaw in sudo to gain elevated privileges ...
Kubernetes-native security toolkit
Windows Local Privilege Escalation Cookbook
Stunner is a tool to test and exploit STUN, TURN and TURN over TCP servers.
An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchmark.
yotter - bash script that performs recon and then uses dirb to discover directories that might lead to information leakage
A Trivy plugin that scans and outputs the results (vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more) to an interactive html file.
⛅️🔐 Security Requirements for Yandex.Cloud configuration: IAM, network access, key management, Kubernetes, audit logs.
Plugin for YATAS that audits AWS accounts for misconfiguration and security issues
#安卓#DroidSniper - Misconfigured Android Debug Bridge Scanner
Fast CORS Misconfiguration Scanner
A tool to find .git folder exposed due to server misconfiguration.
Env Breaker adalah Pemindaian dan deteksi file .env pada situs-situs target. Skrip ini membantu mengidentifikasi kemungkinan kebocoran informasi sensitif yang terkait dengan file .env
Plugin for YATAS that audits GCP projects for misconfiguration and security issues
This script automate exploit only cloud service
SecretKeeper is a tool for detecting secrets and misconfigurations on your Git repositories (Bitbucket and GitHub).
⚛️ nucleo is a script that checks common vulnerabilities and security misconfigurations, strongly inspired by nuclei.