Grow your team on GitHub
GitHub is home to over 28 million developers working together. Join them to grow your own development teams, manage permissions, and collaborate on projects.Sign up
A tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.
A tool for quickly evaluating IAM permissions in AWS.
Security auditing tool for AWS environments
asadbg is a framework of tools to aid in automating live debugging of Cisco ASA devices
Set of scripts to deal with Cisco ASA firmware [pack/unpack etc.]
Kubernetes Auto Analyzer
Undetectable Windows Payload Generation
Guesses hash types, picks some sensible dictionaries and rules for hashcat
Google Cloud Platform Security Tool
HTA encryption tool for RedTeams
idahunt is a framework to analyze binaries with IDA Pro and hunt for things in IDA Pro
A DNS rebinding attack framework
AFL/QEMU fuzzing with full-system emulation.
nOBEX allows emulating the PBAP, MAP, and HFP profiles to test vehicle infotainment systems and similar devices using these profiles
Example code included in the "Improving Your Embedded Linux Security Posture with Yocto" whitepaper
Main repository to pull all NCC Group Cisco ASA-related tool projects.
Proxmark3 Amiibo simulator as shown at Recon Montreal 2018
Blackbox protobuf is a Burp Suite extension for decoding and modifying arbitrary protobuf messages without the protobuf type definition.
Discover resources created in an AWS account.
Automatically identify deserialisation issues in Java and .NET applications by using active and passive scans
A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.
Security-focused static analysis for the Phoenix Framework
Automated HTTP Request Repeating With Burp Suite
Security auditing tool for Azure environments
Application for capturing, modifying and sending custom WebSocket data from client to server and vice versa.
Umap2 is the second revision of NCC Group's python based USB host security assessment tool.
A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques
Burp Suite Logger++: Log activities of all the tools in Burp Suite
Python code shared by Scout2 and AWS-Recipes
Generate bulk YARA rules from YAML input