Explore Projects
Discover 24 open source projects
Showing 1-20 of 24 projects
aquasecurity/trivy
Security scanner for vulnerabilities, misconfigurations, secrets, and SBOM in containers, Kubernetes, code repos, and clouds
GTFOBins/GTFOBins.github.io
A curated list of Unix-like executables that can bypass local security restrictions in misconfigured systems.
kubescape/kubescape
Kubescape is an open-source Kubernetes security platform that provides risk analysis, security, compliance, and misconfiguration scanning.
bridgecrewio/checkov
Checkov is a tool to prevent cloud misconfigurations and find vulnerabilities in infrastructure as code, container images, and open-source packages.
liamg/traitor
Automatic Linux privilege escalation tool that exploits common vulnerabilities and misconfigurations.
aquasecurity/tfsec
Tfsec is an open-source static code analysis tool for Terraform that helps find misconfigurations and potential security issues.
datreeio/datree
Datree is a policy enforcement solution to prevent Kubernetes misconfigurations from reaching production.
sa7mon/S3Scanner
Scan for misconfigured S3 buckets across S3-compatible APIs
Checkmarx/kics
KICS by Checkmarx helps developers find security vulnerabilities and compliance issues in infrastructure-as-code early in the development cycle.
m0rtem/CloudFail
A Python tool that can discover hidden IP addresses behind Cloudflare using misconfigured DNS and old database records.
TH3xACE/SUDO_KILLER
A tool to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems.
TheKingOfDuck/burpFakeIP
A Burp Suite plugin for testing web applications by spoofing IP addresses in case of server misconfigurations.
liamg/gitjacker
A Go tool to leak git repositories from misconfigured websites for security research and penetration testing.
stark0de/nginxpwner
A Python tool to find common Nginx misconfigurations and vulnerabilities.
C0nw0nk/Nginx-Lua-Anti-DDoS
An anti-DDoS Lua script for Nginx to protect web servers from various attack types using a JavaScript-based authentication puzzle.
s0md3v/Corsy
A Python tool that scans for misconfigurations in Cross-Origin Resource Sharing (CORS) policies.
jakehildreth/Locksmith
A PowerShell tool to find and fix common misconfigurations in Active Directory Certificate Services.
cyberark/KubiScan
A tool to scan Kubernetes clusters for risky permissions and misconfigurations.
nickvourd/Windows-Local-Privilege-Escalation-Cookbook
This Windows Local Privilege Escalation Cookbook provides PowerShell scripts and techniques for privilege escalation on Windows systems.
chenjj/CORScanner
A fast, open-source CORS misconfiguration vulnerability scanner written in Python.
Stay in the loop
Get weekly updates on trending AI coding tools and projects.