Alternatives and similar repositories for ASST

Users that are interested in ASST are comparing it to the libraries listed below

• JavierOlmedo / OWASP-Calculator
  🧮 An online calculator to assess the risk of web vulnerabilities based on OWASP Risk Assessment
  ☆163Updated 4 years ago
• RossGeerlings / webstor
  WebStor efficiently enumerates all websites across your organization’s networks and those in your DNS records - including cloud-hosted se…
  ☆157Updated last year
• OWASP / raider
  OWASP Raider: a novel framework for manipulating the HTTP processes of persistent sessions
  ☆104Updated 2 years ago
• softrams / bulwark
  An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
  ☆183Updated last week
• purpleteam-labs / purpleteam
  CLI component of OWASP PurpleTeam
  ☆132Updated last year
• BBVA / apicheck
  The DevSecOps toolset for REST APIs
  ☆277Updated 2 years ago
• alb-uss / SECMON
  SECMON is a web-based tool for the automation of infosec watching and vulnerability management with a web interface.
  ☆219Updated 3 years ago
• OWASP / www-project-code-review-guide
  OWASP Code Review Guide Web Repository
  ☆146Updated 3 years ago
• Patrowl / PatrowlHears
  PatrowlHears - Vulnerability Intelligence Center / Exploits
  ☆165Updated this week
• juanjoSanz / aws-pentesting-lab
  Pentesting lab with a Kali Linux instance accessible via ssh & wireguard VPN and with vulnerable instances in a private subnet
  ☆192Updated last year
• brampat / security
  Collection of links to Security stuff
  ☆117Updated 3 months ago
• nicoSWD / asvs-checklist
  OWASP Application Security Verification Standard 4.0 Checklist
  ☆33Updated 6 years ago
• jorritfolmer / vulnerable-api
  Enhanced fork with logging, OpenAPI 3.0 and Python 3 for security monitoring workshops
  ☆44Updated last year
• DSecureMe / vmc
  VMC: a Scalable, Open Source and Free Vulnerability Management Platform
  ☆91Updated 10 months ago
• riskprofiler / CloudFrontier
  Monitor the internet attack surface of various public cloud environments. Currently supports AWS, GCP, Azure, DigitalOcean and Oracle Clo…
  ☆128Updated 3 weeks ago
• Probely / security_checklist
  Web Application Security Checklist
  ☆133Updated 8 months ago
• OWASP / RiskAssessmentFramework
  The Secure Coding Framework
  ☆271Updated 5 years ago
• OWASP / threat-dragon-desktop
  Desktop variant of OWASP Threat Dragon
  ☆78Updated 4 years ago
• righettod / toolbox-pentest-web
  Docker toolbox for pentest of web based application.
  ☆172Updated this week
• mablanco / docker-osmedeus
  Docker image for Osmedeus, a fully automated offensive security tool for reconnaissance and vulnerability scanning
  ☆103Updated 3 months ago
• BlazingWind / OWASP-ASVS-4.0-testing-guide
  ☆124Updated 2 years ago
• wisec / OWASP-Testing-Guide-v5
  The OWASP Testing Guide includes a "best practice" penetration testing framework which users can implement in their own organizations and…
  ☆77Updated 6 years ago
• OpenSecuritySummit / oss-website
  The Open Security Summit is focused on the collaboration between, Developers and Application Security
  ☆45Updated 5 months ago
• kerberosmansour / InfoSecOpenAIExamples
  InfoSec OpenAI Examples
  ☆19Updated 2 years ago
• RhinoSecurityLabs / Swagger-EZ
  A tool geared towards pentesting APIs using OpenAPI definitions.
  ☆182Updated 3 years ago
• ScaleSec / vulnado
  Purposely vulnerable Java application to help lead secure coding workshops
  ☆191Updated last year
• zaproxy / zap-hud
  The ZAP Heads Up Display (HUD)
  ☆271Updated last month
• cloud-sniper / cloud-sniper
  Cloud Security Operations Orchestrator
  ☆188Updated last year
• DigeeX / raider
  DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raider
  ☆139Updated 4 years ago
• A3h1nt / Subcert
  Subcert is a subdomain enumeration tool, that finds all the subdomains from certificate transparency logs.
  ☆81Updated 4 years ago