Trickest - Offensive Security Automation

🔍 Meet the Trickest Query Language™ and take control of your security data insights!

If you are tired of piecing together fragmented data TQL lets you unify, filter, and analyze security data on your terms:

✨ Precise insights
✨ Custom views
✨ Easy integration with your current processes

See the full product update here 👇

Trickest Query Language™: Customizable Security Data Insights | Trickest Gain unparalleled security insights with Trickest Query Language™. Customize views, filter data, and elevate your offensive security analysis.

While the cloud offers a multitude of opportunities and possibilities, it also brings forth a darker side...

🎙 Nenad Zaric, Co-founder & CEO Trickest - Offensive Security Automation is joining the 2023 speaker line-up to share his findings from an exhaustive scan of web servers within AWS, GCP, Azure, and DigitalOcean IP ranges.

Join him at the conference, come & learn from the best: https://def.camp/tickets/

Read more about DefCamp's infosec rock stars, here: https://def.camp/speakers/

It has been 🖐 five months since log4shell dropped.

Since then, we've found some pretty interesting ways of exploiting it. In this blog post, we cover "How to find Log4j Vulnerabilities in Every Possible Way".

Read on, hackers!
👇

How to find Log4j Vulnerabilities in Every Possible Way | Trickest This guide covers all the different ways to test for log4j's log4shell vulnerabilities. Find out how to combine different testing techniques to get the best coverage.

Afraid of leaking your company’s sensitive data?

Employees are more likely to expose secrets than official brand accounts.

Trickest Insiders workflow collects the data of over 450 companies!

https://github.com/trickest/insiders

GitHub - trickest/insiders: Archive of Potential Insider Threats Archive of Potential Insider Threats. Contribute to trickest/insiders development by creating an account on GitHub.

Releasing find-gh-poc, the centerpiece of trickest/cve 🚀

Find-gh-poc can help you:
👉 search GitHub for a CVE’s PoCs/exploits
👉 build an archive of PoCs (like we did!)
👉 find all PoCs of a specific off-the-shelf piece of software

GitHub - trickest/find-gh-poc: Find CVE PoCs on GitHub Find CVE PoCs on GitHub. Contribute to trickest/find-gh-poc development by creating an account on GitHub.

Check out our new Asset Inventory of public bug bounty programs:

🏃‍♂️ help bug bounty hunters get up and running as quickly as possible
👀 give security teams better visibility into their assets
⛈ reduce the load and noise that some programs face from automated tools

GitHub - trickest/inventory: Asset inventory on public bug bounty programs. Asset inventory on public bug bounty programs. Contribute to trickest/inventory development by creating an account on GitHub.

Releasing our new project, CVEs! A constantly updated collection of 𝘢𝘭𝘮𝘰𝘴𝘵 every publicly available CVE PoC.

👉 Browse, find a PoC, and test away!
👉 Search for a specific product.
👉 Watch the repo to be notified when new PoCs go public!

GitHub - trickest/cve: Gather and update all available and newest CVEs with their PoC. Gather and update all available and newest CVEs with their PoC. - GitHub - trickest/cve: Gather and update all available and newest CVEs with their PoC.

Proud to be #1 today on trending with our new repo 🚀

Stay tuned, it's just the first version! 🛠️

GitHub: Where the world builds software GitHub is where over 73 million developers shape the future of software, together. Contribute to the open source community, manage your Git repositories, review code like a pro, track bugs and feat...

We are thrilled to announce our collaboration with awesome .

Our automated workflow will structure all of the available fuzzing wordlists!

Send us PRs for new source repositories. The workflow will pick 'em up.

GitHub - six2dez/OneListForAll: Rockyou for web fuzzing Rockyou for web fuzzing. Contribute to six2dez/OneListForAll development by creating an account on GitHub.