Alternatives and similar repositories for ASST:

Users that are interested in ASST are comparing it to the libraries listed below

• JavierOlmedo / OWASP-Calculator
  🧮 An online calculator to assess the risk of web vulnerabilities based on OWASP Risk Assessment
  ☆156Updated 3 years ago
• softrams / bulwark
  An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
  ☆179Updated last week
• DSecureMe / vmc
  VMC: a Scalable, Open Source and Free Vulnerability Management Platform
  ☆88Updated last month
• OWASP / raider
  OWASP Raider: a novel framework for manipulating the HTTP processes of persistent sessions
  ☆104Updated last year
• mhaskar / Bughound
  Static code analysis tool based on Elasticsearch
  ☆129Updated 4 years ago
• softwaresecured / secure-code-review-checklist
  A starter secure code review checklist
  ☆181Updated 6 years ago
• DevSlop / Pixi
  The Pixi module is a MEAN Stack web app with wildly insecure APIs!
  ☆120Updated 2 years ago
• appsecco / dvja
  Damn Vulnerable Java (EE) Application
  ☆134Updated last year
• chennylmf / OWASP-Web-App-Pentesting-checklists
  ☆71Updated 4 years ago
• OWASP / www-project-devsecops-guideline
  The OWASP DevSecOps Guideline explains how we can implement a secure pipeline and use best practices and introduce tools that we can use …
  ☆62Updated 8 months ago
• OWASP / www-project-code-review-guide
  OWASP Code Review Guide Web Repository
  ☆129Updated 2 years ago
• sepehrdaddev / zap-scripts
  Zed Attack Proxy Scripts for finding CVEs and Secrets.
  ☆127Updated 2 years ago
• OWASP / Software-Component-Verification-Standard
  Software Component Verification Standard (SCVS)
  ☆141Updated 10 months ago
• OWASP / cwe-tool
  A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.
  ☆55Updated 6 months ago
• projectdiscovery / nuclei-action
  Vulnerability Scan with Nuclei
  ☆249Updated 3 months ago
• RhinoSecurityLabs / Swagger-EZ
  A tool geared towards pentesting APIs using OpenAPI definitions.
  ☆174Updated 2 years ago
• ScaleSec / vulnado
  Purposely vulnerable Java application to help lead secure coding workshops
  ☆178Updated 8 months ago
• devanshbatham / CertEagle
  Weaponizing Live CT logs for automated monitoring of assets
  ☆132Updated 3 years ago
• jorritfolmer / vulnerable-api
  Enhanced fork with logging, OpenAPI 3.0 and Python 3 for security monitoring workshops
  ☆42Updated last year
• OpenSecuritySummit / oss-website
  The Open Security Summit is focused on the collaboration between, Developers and Application Security
  ☆45Updated 2 months ago
• DigeeX / raider
  DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raider
  ☆138Updated 3 years ago
• Santandersecurityresearch / corsair_scan
  Corsair_scan is a security tool to test Cross-Origin Resource Sharing (CORS).
  ☆123Updated last year
• riskprofiler / CloudFrontier
  Monitor the internet attack surface of various public cloud environments. Currently supports AWS, GCP, Azure, DigitalOcean and Oracle Clo…
  ☆124Updated 11 months ago
• DefectDojo / sample-scan-files
  Sample scan files for testing DefectDojo imports
  ☆75Updated last month
• BBVA / apicheck
  The DevSecOps toolset for REST APIs
  ☆274Updated 2 years ago
• OWASP / OWASPWebGoatPHP
  A deliberately vulnerable web application for learning web application security.
  ☆124Updated last year
• OWASP / RiskAssessmentFramework
  The Secure Coding Framework
  ☆268Updated 4 years ago
• BishopFox / smogcloud
  Find cloud assets that no one wants exposed 🔎 ☁️
  ☆335Updated 4 years ago
• ICTU / zap2docker-auth-weekly
  Zap baseline scanner in Docker with authentication
  ☆103Updated 9 months ago
• mattvaldes / vulnerable-api
  This repository contains an example Python API that is vulnerable to several different web API attacks.
  ☆69Updated last year