Gby56

followers

following

stars

Escape

Paris

Organizations

Escape-Technologies

Gabriel Marquet's starred repositories

trivy

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Language:GoApache-2.021757 170 2515

kubeshark

The API traffic analyzer for Kubernetes providing real-time K8s protocol-level visibility, capturing and monitoring all traffic and payloads going in, out and across containers, pods, nodes and clusters. Inspired by Wireshark, purposely built for Kubernetes

Language:GoApache-2.010644 72 294

semgrep

Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.

Language:OCamlLGPL-2.18966 91 2725

ScoutSuite

Multi-Cloud Security Auditing Tool

Language:PythonGPL-2.06267 128 851

cve

Gather and update all available and newest CVEs with their PoC.

Language:HTMLMIT6189 322 50

dredd

Language-agnostic HTTP API Testing Tool

Language:JavaScriptMIT4149 76 785

django-DefectDojo

DevSecOps, ASPM, Vulnerability Management. All on one platform.

Language:HTMLBSD-3-Clause3449 208 2691

ASVS

Application Security Verification Standard

Language:HTMLCC-BY-SA-4.02552 143 1151

restler-fuzzer

RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services.

Language:PythonMIT2495 37 474

scream

Virtual network sound card for Microsoft Windows

Language:C++MS-PL1689 38 162

guac

GUAC aggregates software security metadata into a high fidelity graph database.

Language:GoApache-2.01197 42 419

cfn-diagram

CLI tool to visualise CloudFormation/SAM/CDK stacks as visjs networks, draw.io or ascii-art diagrams.

Language:JavaScript930 15 50

ebpfkit

ebpfkit is a rootkit powered by eBPF

Language:CApache-2.0690 18 6

xdpcap

tcpdump like XDP packet capture

Language:GoBSD-3-Clause676 24 37

ghapi

A delightful and complete interface to GitHub's amazing API

Language:Jupyter NotebookApache-2.0519 9 137

openapi-fuzzer

Black-box fuzzer that fuzzes APIs based on OpenAPI specification. Find bugs for free!

Language:RustAGPL-3.0517 7 26

entitlements-app

The Ruby Gem that Powers Entitlements - GitHub's Identity and Access Management System

Language:RubyMIT405 12 3

APIFuzzer

Fuzz test your application using your OpenAPI or Swagger API definition without coding

Language:PythonGPL-3.0404 10 46

continuous-threat-modeling

A Continuous Threat Modeling methodology

NOASSERTION294 260

mvsp

Minimum Viable Secure Product mvsp.dev

Language:CSSCC0-1.0176 16 11

ggcanary

GitGuardian Canary Tokens

Language:PythonMIT128 16 6

ebpfkit-monitor

ebpfkit-monitor is a tool that detects and protects against eBPF powered rootkits

Language:CApache-2.0116 6 4

elevation-of-privilege

An online multiplayer version of the Elevation of Privilege (EoP) threat modeling card game

Language:JavaScriptMIT115 6 50

xss-validator

This is a burp intruder extender that is designed for automation and validation of XSS vulnerabilities.

Language:JavaMIT80 70

pin-github-action

Pin your GitHub actions to a specific hash

Language:JavaScriptMIT67 3 27

spring-rce-vulnerable-app

Spring Boot web application vulnerable to Log4Shell (CVE-2021-44228) and the possible Spring RCE vulnerability.

Language:JavaApache-2.034 20

spython

Example implementations of PEP 578 and 551 entry points

Language:C31 3 2

security-alert

[GitHub] A Command Line ToolKit for GitHub Security Alert.

Language:TypeScriptMIT24 2 38

common-requirement-enumeration

Language:CSSCC0-1.023 10 124

log4shell-mitigation-tester

Log4Shell CVE-2021-44228 mitigation tester

Language:Java16 30