MCIR is a framework for building code injection vulnerability testbeds. MCIR unites SQLol, XMLmao, ShelLOL and XSSmh together in a magical world of code injection! They can experience the magic of feature sharing. MCIR is designed to be good at making new friends, and they get to share updates to sanitization routines, environmental factor options, and interface tweaks. If you want to make a new friend to join the dancing and singing in the Magical Code Injection Rainbow, you can use any of the existing MCIR friends as a template and rewrite the portion where the friend does its magic, so we can inject ALL the things!
FEATURES
SIMILAR TOOLS
A tool to capture all the git secrets by leveraging multiple open source git searching tools.
A vulnerable web site in NodeJS for testing security source code analyzers.
SecurityVulnerability.io simplifies the process of collecting, enriching, and presenting vulnerability information for both human and machine consumption.
Automate the search for Exploits and Vulnerabilities in important databases.
A presentation about the OWASP Top 10, a list of the most critical security risks to web applications.
Automate OSINT for threat intelligence and attack surface mapping with SpiderFoot.
A hosted web application security testing tool that enables security researchers to register, activate their accounts, and scan web applications for vulnerabilities.
A tool to run YARA rules against node_module folders to identify suspicious scripts
PINNED

Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.