bjm243

bjm243's Stars

• projectdiscovery/cvemap

  Navigate the CVE jungle with ease.

  Language:Go1.6k108

• zkoppert/advanced-security-enforcer

  A GitHub action for organizations that enables advanced security code scanning on all new repos

  Language:Python377

• kllund/sample-pipeline-files

  This repository contains pipeline files for various CI/CD systems, illustrating how to integrate the CodeQL CLI Bundle for Automated Code Scanning

  2820

• github/enable-security-alerts-sample

  This repository contains a sample script which can be used to enable security vulnerability alerts in all of the repositories in a given organization.

  Language:JavaScript7947

• 18F/ghad

  GitHub administration command line tool

  Language:JavaScript219

• ThibaudLopez/GHAS

  GitHub Advanced Security (GHAS): CodeQL, Dependabot, and Secret Scanning

  Language:JavaScript72

• streaak/keyhacks

  Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

  4.9k1k

• advanced-security/advanced-security-material

  Language:Shell6623

• mr-sherman/get-dependency-alerts-in-org

  Language:JavaScript31

• jhutchings1/Create-ActionsPRs

  This repository creates pull requests to push a GitHub Actions workflow to a collection of workflows.

  Language:PowerShell4424

• OWASP/DVSA

  a Damn Vulnerable Serverless Application

  Language:JavaScript533190

• tonycch/get-dependabot-alerts-sample

  Get Dependabot Alerts from a repo

  Language:JavaScript138

• NickLiffen/ghas-enablement

  A tool that aims to bulk automates the enablement of GitHub Code Scanning, Secret Scanning and Dependabot across multiple repositories.

  Language:TypeScript15353

• GeekMasher/advanced-security-compliance

  GitHub Advance Security Compliance Action

  Language:Python13129

• dolevf/graphw00f

  graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint.

  Language:Python55168

• github/roadmap

  GitHub public roadmap

  7.9k989

• secdec/attack-surface-detector-burp

  The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters

  Language:Java9627

• dolevf/Damn-Vulnerable-GraphQL-Application

  Damn Vulnerable GraphQL Application is an intentionally vulnerable GraphQL service implementation designed for learning about and practising GraphQL Security.

  Language:JavaScript1.5k297

• phonomenal/GitHub-Platform-Demo

  Language:Shell55

• bradleyjkemp/grpc-tools

  A suite of gRPC debugging tools. Like Fiddler/Charles but for gRPC.

  Language:Go1.2k78

• Santandersecurityresearch/corsair_scan

  Corsair_scan is a security tool to test Cross-Origin Resource Sharing (CORS).

  Language:Python12215

• michenriksen/aquatone

  A Tool for Domain Flyovers

  Language:Go5.6k873

• OWASP/www-community

  OWASP Community Pages are a place where OWASP can accept community contributions for security-related content.

  Language:HTML1.1k677

• DefectDojo/django-DefectDojo

  DevSecOps, ASPM, Vulnerability Management. All on one platform.

  Language:HTML3.6k1.5k

• jvehent/awesome-devsecops

  An authoritative list of awesome devsecops tools with the help from community experiments and contributions.

  31

• fingerprintjs/fingerprintjs

  The most advanced browser fingerprinting library.

  Language:TypeScript21.9k2.2k

• jenkinsci/zap-pipeline-plugin

  OWASP ZAP Jenkins Plugin for Pipeline builds

  Language:Java1520

• Grunny/zap-cli

  A simple tool for interacting with OWASP ZAP from the commandline.

  Language:Python22870

• isurfbecause/owasp-quick-scan

  Script to run an OWASP quick scan in a docker container

  Language:Shell64

• stephendonner/docker-zap

  Language:Shell2926