Contrast-Security-OSS / BurptrastLinks
Burp Plugin for Contrast Security
☆16Updated 8 months ago
Alternatives and similar repositories for Burptrast
Users that are interested in Burptrast are comparing it to the libraries listed below
Sorting:
- A step-by-step walkthrough of CloudGoat 2.0 scenarios.☆134Updated 5 years ago
- Semgrep rules corresponding to the OWASP ASVS standard☆27Updated 4 years ago
- 🖇️ STRIDE vs. ASVS equivalence table☆76Updated 10 months ago
- Presentations, training modules, and other education materials from Duo Security's Application Security team.☆74Updated 3 years ago
- Orchestron is an Application Vulnerability Management and Correlation Tool.Orchestron helps you solve one key problem "Find and fix vulne…☆31Updated 2 years ago
- Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.☆76Updated 3 years ago
- A simple file-based scanner to look for potential AWS access and secret keys in files☆92Updated last year
- The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters☆103Updated last year
- The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters☆63Updated 2 years ago
- OWASP practice lab, just a few copy/pastes away. Fully stacked and ready to go with Docker☆19Updated 6 years ago
- GCP GOAT is the vulnerable application for learn the GCP Security☆64Updated last month
- Route53/CloudFront Vulnerability Assessment Utility☆86Updated last year
- POC tool to create signed AWS API GET requests to bypass Guard Duty alerting of off-instance credential use via SSRF☆58Updated last year
- The Pixi module is a MEAN Stack web app with wildly insecure APIs!☆126Updated 2 years ago
- MetaSec.js combines all the free open-source security tools to identify issues with JavaScript and automates the boring parts☆81Updated 2 years ago
- ☆32Updated 2 years ago
- ☆65Updated 2 years ago
- A logging DNS and HTTP(S) server. Opensource alternative to some parts of the Burpsuite Collaborator server.☆38Updated 7 years ago
- ☆36Updated 4 years ago
- All-in-one AWS S3 bucket tool for pentesters.☆74Updated 6 years ago
- Corsair_scan is a security tool to test Cross-Origin Resource Sharing (CORS).☆122Updated 2 years ago
- drHEADer helps with the audit of security headers received in response to a single request or a list of requests.☆110Updated 5 months ago
- Scripts and tools for AWS Pentest☆53Updated 4 years ago
- materials we hand out☆146Updated 3 months ago
- ☆123Updated last year
- Reporting Tips for Penetration Testers☆31Updated 4 years ago
- This repo gives an overview of some GCP metadata API attack and defend patterns☆76Updated 5 years ago
- A small tool to help developers understand a huge set of security requirements from appsec teams☆45Updated 2 years ago
- Offensive Terraform module which creates EC2 instance and reverse shell from an EC2 instance to attacker machine.☆17Updated 4 years ago
- Curated list of public penetration testing reports released by several consulting firms☆48Updated 7 years ago