Alternatives and similar repositories for ASST

Users that are interested in ASST are comparing it to the libraries listed below

• JavierOlmedo / OWASP-Calculator
  🧮 An online calculator to assess the risk of web vulnerabilities based on OWASP Risk Assessment
  ☆161Updated 4 years ago
• BBVA / apicheck
  The DevSecOps toolset for REST APIs
  ☆276Updated 2 years ago
• Probely / security_checklist
  Web Application Security Checklist
  ☆133Updated 6 months ago
• OWASP / SecureTea-Project
  The OWASP SecureTea Project provides a one-stop security solution for various devices (personal computers / servers / IoT devices)
  ☆300Updated 2 years ago
• softrams / bulwark
  An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
  ☆183Updated last week
• OWASP / raider
  OWASP Raider: a novel framework for manipulating the HTTP processes of persistent sessions
  ☆104Updated 2 years ago
• purpleteam-labs / purpleteam
  CLI component of OWASP PurpleTeam
  ☆131Updated last year
• ScaleSec / vulnado
  Purposely vulnerable Java application to help lead secure coding workshops
  ☆187Updated last year
• OWASP / RiskAssessmentFramework
  The Secure Coding Framework
  ☆268Updated 5 years ago
• Patrowl / PatrowlHears
  PatrowlHears - Vulnerability Intelligence Center / Exploits
  ☆164Updated last week
• appsecco / dvja
  Damn Vulnerable Java (EE) Application
  ☆142Updated last year
• ShiftLeftSecurity / tarpit-java
  Tarpit - A Web application seeded with vulnerabilities, rootkits, backdoors & data leaks
  ☆80Updated 3 years ago
• koenbuyens / securityheaders
  Check any website (or set of websites) for insecure security headers.
  ☆252Updated 2 years ago
• juerkkil / secheaders
  Python script to check HTTP security headers
  ☆68Updated 2 months ago
• zaproxy / zap-hud
  The ZAP Heads Up Display (HUD)
  ☆270Updated this week
• 0xSearches / sandcastle
  🏰 A Python script for AWS S3 bucket enumeration.
  ☆145Updated 2 years ago
• righettod / toolbox-pentest-web
  Docker toolbox for pentest of web based application.
  ☆170Updated this week
• secdec / attack-surface-detector-burp
  The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters
  ☆106Updated last year
• RossGeerlings / webstor
  WebStor efficiently enumerates all websites across your organization’s networks and those in your DNS records - including cloud-hosted se…
  ☆157Updated last year
• RhinoSecurityLabs / Swagger-EZ
  A tool geared towards pentesting APIs using OpenAPI definitions.
  ☆181Updated 2 years ago
• zaproxy / zaproxy-website
  The source of ZAP website
  ☆76Updated this week
• fportantier / vulpy
  Vulnerable Python Application To Learn Secure Development
  ☆120Updated last year
• jorritfolmer / vulnerable-api
  Enhanced fork with logging, OpenAPI 3.0 and Python 3 for security monitoring workshops
  ☆44Updated last year
• devanshbatham / CertEagle
  Weaponizing Live CT logs for automated monitoring of assets
  ☆134Updated 4 years ago
• wisec / OWASP-Testing-Guide-v5
  The OWASP Testing Guide includes a "best practice" penetration testing framework which users can implement in their own organizations and…
  ☆77Updated 5 years ago
• DevSlop / Pixi
  The Pixi module is a MEAN Stack web app with wildly insecure APIs!
  ☆129Updated 2 years ago
• alb-uss / SECMON
  SECMON is a web-based tool for the automation of infosec watching and vulnerability management with a web interface.
  ☆219Updated 3 years ago
• softwaresecured / secure-code-review-checklist
  A starter secure code review checklist
  ☆181Updated 6 years ago
• PaperMtn / gitlab-watchman
  Finding exposed secrets and personal data in GitLab
  ☆201Updated 10 months ago
• tristanlatr / burpa
  Burp Automator - A Burp Suite Automation Tool. It provides a high level CLI and Python interfaces to Burp Suite scanner and can be used t…
  ☆250Updated last month