Trickest - Offensive Security Automation

05/11/2024

🔍 Meet the Trickest Query Language™ and take control of your security data insights!

If you are tired of piecing together fragmented data TQL lets you unify, filter, and analyze security data on your terms:

✨ Precise insights
✨ Custom views
✨ Easy integration with your current processes

See the full product update here 👇

Gain unparalleled security insights with Trickest Query Language™. Customize views, filter data, and elevate your offensive security analysis.

17/11/2023

While the cloud offers a multitude of opportunities and possibilities, it also brings forth a darker side...

🎙 Nenad Zaric, Co-founder & CEO Trickest - Offensive Security Automation is joining the 2023 speaker line-up to share his findings from an exhaustive scan of web servers within AWS, GCP, Azure, and DigitalOcean IP ranges.

Join him at the conference, come & learn from the best: https://def.camp/tickets/

Read more about DefCamp's infosec rock stars, here: https://def.camp/speakers/

08/06/2022

It has been 🖐 five months since log4shell dropped.

Since then, we've found some pretty interesting ways of exploiting it. In this blog post, we cover "How to find Log4j Vulnerabilities in Every Possible Way".

Read on, hackers!
👇

This guide covers all the different ways to test for log4j's log4shell vulnerabilities. Find out how to combine different testing techniques to get the best coverage.

12/04/2022

Afraid of leaking your company’s sensitive data?

Employees are more likely to expose secrets than official brand accounts.

Trickest Insiders workflow collects the data of over 450 companies!

https://github.com/trickest/insiders

Archive of Potential Insider Threats. Contribute to trickest/insiders development by creating an account on GitHub.

23/03/2022

Releasing find-gh-poc, the centerpiece of trickest/cve 🚀

Find-gh-poc can help you:
👉 search GitHub for a CVE’s PoCs/exploits
👉 build an archive of PoCs (like we did!)
👉 find all PoCs of a specific off-the-shelf piece of software

Find CVE PoCs on GitHub. Contribute to trickest/find-gh-poc development by creating an account on GitHub.

07/03/2022

Check out our new Asset Inventory of public bug bounty programs:

🏃‍♂️ help bug bounty hunters get up and running as quickly as possible
👀 give security teams better visibility into their assets
⛈ reduce the load and noise that some programs face from automated tools

Asset inventory on public bug bounty programs. Contribute to trickest/inventory development by creating an account on GitHub.

24/02/2022

Releasing our new project, CVEs! A constantly updated collection of 𝘢𝘭𝘮𝘰𝘴𝘵 every publicly available CVE PoC.

👉 Browse, find a PoC, and test away!
👉 Search for a specific product.
👉 Watch the repo to be notified when new PoCs go public!

Gather and update all available and newest CVEs with their PoC. - GitHub - trickest/cve: Gather and update all available and newest CVEs with their PoC.

17/02/2022

Proud to be #1 today on trending with our new repo 🚀

Stay tuned, it's just the first version! 🛠️

GitHub is where over 73 million developers shape the future of software, together. Contribute to the open source community, manage your Git repositories, review code like a pro, track bugs and feat...

10/02/2022

We are thrilled to announce our collaboration with awesome .

Our automated workflow will structure all of the available fuzzing wordlists!

Send us PRs for new source repositories. The workflow will pick 'em up.

Rockyou for web fuzzing. Contribute to six2dez/OneListForAll development by creating an account on GitHub.