GitHub - betterleaks/betterleaks: A Better Secrets Scanner built for configurability and speed
Betterleaks is a tool for detecting secrets like passwords, API keys, and tokens in git repos, files, and whatever else you wanna throw at it via stdin. If you wanna learn more about how the detection engine works check out this blog: Regex is (almost) all you need. Betterleaks development is supported by Aikido Security ➜ ~/code(master) betterleaks git -v ○ ○ ● ○ Betterleaks v1.0.0 Finding: "expo
trufflehogを活用したGitHub Organizationのcredentialsスキャン - 10X Product Blog
こんにちは、セキュリティチームの@sota1235です。 突然ですが、ソフトウェアエンジニアの皆さんに質問です。他者に漏らしてはいけないAPI keyやSSHのprivate keyを誤ってGitHubにpushしてしまったことはありますか?私はあります。*1 日々、スピード感を持ってものづくりに臨んでいく中で本当はcommitしてはいけないものを間違ってcommitしたり、それに気づかずにGitHubにpushしてしまうなんてことは人間がミスをする生き物である以上、誰にでも起きえる事故です。 今回はそんな事故を検知するのにtrufflehogを活用しているお話をします。 なお今回は事故を未然に予防する話には触れません。 github.com credentialsを誤ってGitHubにpushすることのリスク credentialsとは credentialsのあるべき管理方法 GitH
GitHub - royhills/ike-scan: The IKE Scanner
ike-scan uses the standard GNU autoconf and automake tools, so installation is the normal process: Run git clone https://github.com/royhills/ike-scan.git to obtain the project source code Run cd ike-scan to enter source directory Run autoreconf --install to generate a viable ./configure file Run ./configure or ./configure --with-openssl to use the OpenSSL libraries Run make to build the project Ru
リリース、障害情報などのサービスのお知らせ
最新の人気エントリーの配信
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く
GitHub - reewardius/Nuclei-AI-Prompts: Nuclei-AI-Prompts
GitHub - runZeroInc/sshamble: SSHamble: Unexpected Exposures in SSH
GitHub - drego85/JoomlaScan: A free software to find the components installed in Joomla CMS, built out of the ashes of Joomscan.
GitHub - Chocapikk/wpprobe: A fast WordPress plugin enumeration tool
GitHub - adysec/nuclei_poc: Nuclei POC,每2小时更新 | 自动整合全网Nuclei的漏洞POC,实时同步更新最新POC,保存已被删除的POC。通过批量克隆Github项目,获取Nuclei POC,并将POC按类别分类存放,使用Github Action实现。已有41w+POC,其中3.5w+高质量POC
GitHub - cyberaz0r/badmoodle: Moodle community-based vulnerability scanner
GitHub - inc0d3/moodlescan: Tool for scan vulnerabilities in Moodle platforms
GitHub - ANG13T/netspionage: Network Forensics CLI utility that performs Network Scanning, OSINT, and Attack Detection
GitHub - laysakura/PEN200-OSCP-DynamicCheatSheat: A dynamic cheat sheet for PEN-200, OSCP, and other pentests made with Google Sheets
GitHub - nullt3r/udpx: Fast and lightweight, UDPX is a single-packet UDP scanner written in Go that supports the discovery of over 45 services with the ability to add custom ones. It is easy to use and portable, and can be run on Linux, Mac OS, and Window
GitHub - bitquark/shortscan: An IIS short filename enumeration tool
GitHub - LearnGolang/LearnGolang: 《Golang学习资源大全-只有Go语言才能改变世界》Only Golang Can Change The World.
GitHub - queercat/BannerGrab: A simple Python script that tries to grab a HTTP, FTP, and SMTP banners.
GitHub - jaygreig86/dmitry: DMitry (Deepmagic Information Gathering Tool)
GitHub - Email-Analysis-Toolkit/command-injection-scanner
GitHub - ATpiu/asset-scan: asset-scan是一款适用甲方企业的外网资产周期性扫描监控系统
GitHub - Ostorlab/KEV: Ostorlab KEV: One-command to detect most remotely known exploitable vulnerabilities. Sourced from CISA KEV, Google's Tsunami, Ostorlab's Asteroid and Bug Bounty programs.