MCIR
A framework for building code injection vulnerability testbeds
NoSQLMap is an open source Python tool designed to audit for as well as automate injection attacks and exploit default configuration weaknesses in NoSQL databases and web applications using NoSQL in order to disclose or clone data from the database. Originally authored by @tcsstool and now maintained by @codingo_ NoSQLMap is named as a tribute to Bernardo Damele and Miroslav's Stampar's popular SQL injection tool sqlmap. Its concepts are based on and extensions of Ming Chow's excellent presentation at Defcon 21, 'Abusing NoSQL Databases'. NoSQLMap MongoDB Management Attack Demo.
A framework for building code injection vulnerability testbeds
kube-hunter hunts for security weaknesses in Kubernetes clusters.
HTTP parameter discovery suite
SSLyze is a fast and powerful SSL/TLS scanning tool and Python library with a focus on speed, reliability, and ease of integration.
Python-based extension for integrating a Yara scanner into Burp Suite for on-demand website scans based on custom rules.
A series of small test cases designed to exercise different parts of a static security analyzer