bjm243's Stars
projectdiscovery/cvemap
Navigate the CVE jungle with ease.
zkoppert/advanced-security-enforcer
A GitHub action for organizations that enables advanced security code scanning on all new repos
kllund/sample-pipeline-files
This repository contains pipeline files for various CI/CD systems, illustrating how to integrate the CodeQL CLI Bundle for Automated Code Scanning
github/enable-security-alerts-sample
This repository contains a sample script which can be used to enable security vulnerability alerts in all of the repositories in a given organization.
18F/ghad
GitHub administration command line tool
ThibaudLopez/GHAS
GitHub Advanced Security (GHAS): CodeQL, Dependabot, and Secret Scanning
streaak/keyhacks
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
advanced-security/advanced-security-material
mr-sherman/get-dependency-alerts-in-org
jhutchings1/Create-ActionsPRs
This repository creates pull requests to push a GitHub Actions workflow to a collection of workflows.
OWASP/DVSA
A Damn Vulnerable Serverless Application
tonycch/get-dependabot-alerts-sample
Get Dependabot Alerts from a repo
NickLiffen/ghas-enablement
A tool that aims to automate, in bulk, the enablement of GitHub Code Scanning, Secret Scanning and Dependabot across multiple repositories.
GeekMasher/advanced-security-compliance
GitHub Advanced Security Compliance Action
dolevf/graphw00f
graphw00f is a GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint.
github/roadmap
GitHub public roadmap
secdec/attack-surface-detector-burp
The Attack Surface Detector uses static code analysis to identify web app endpoints by parsing routes and identifying parameters.
dolevf/Damn-Vulnerable-GraphQL-Application
Damn Vulnerable GraphQL Application is an intentionally vulnerable GraphQL service implementation designed for learning about and practising GraphQL Security.
phonomenal/GitHub-Platform-Demo
bradleyjkemp/grpc-tools
A suite of gRPC debugging tools. Like Fiddler/Charles but for gRPC.
Santandersecurityresearch/corsair_scan
Corsair_scan is a security tool to test Cross-Origin Resource Sharing (CORS).
michenriksen/aquatone
A Tool for Domain Flyovers
OWASP/www-community
OWASP Community Pages are a place where OWASP can accept community contributions for security-related content.
DefectDojo/django-DefectDojo
DevSecOps, ASPM, Vulnerability Management. All on one platform.
jvehent/awesome-devsecops
An authoritative list of awesome devsecops tools with help from community experiments and contributions.
fingerprintjs/fingerprintjs
The most advanced browser fingerprinting library.
jenkinsci/zap-pipeline-plugin
OWASP ZAP Jenkins Plugin for Pipeline builds
Grunny/zap-cli
A simple tool for interacting with OWASP ZAP from the command line.
isurfbecause/owasp-quick-scan
Script to run an OWASP quick scan in a Docker container
stephendonner/docker-zap