Alternatives and similar repositories for ASST

Users that are interested in ASST are comparing it to the libraries listed below

• JavierOlmedo / OWASP-Calculator
  🧮 An online calculator to assess the risk of web vulnerabilities based on OWASP Risk Assessment
  ☆162Updated 4 years ago
• BBVA / apicheck
  The DevSecOps toolset for REST APIs
  ☆277Updated 2 years ago
• OWASP / raider
  OWASP Raider: a novel framework for manipulating the HTTP processes of persistent sessions
  ☆104Updated 2 years ago
• softrams / bulwark
  An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
  ☆183Updated 2 weeks ago
• koenbuyens / securityheaders
  Check any website (or set of websites) for insecure security headers.
  ☆254Updated 2 years ago
• purpleteam-labs / purpleteam
  CLI component of OWASP PurpleTeam
  ☆131Updated last year
• ScaleSec / vulnado
  Purposely vulnerable Java application to help lead secure coding workshops
  ☆190Updated last year
• RossGeerlings / webstor
  WebStor efficiently enumerates all websites across your organization’s networks and those in your DNS records - including cloud-hosted se…
  ☆156Updated last year
• alb-uss / SECMON
  SECMON is a web-based tool for the automation of infosec watching and vulnerability management with a web interface.
  ☆219Updated 3 years ago
• OWASP / RiskAssessmentFramework
  The Secure Coding Framework
  ☆270Updated 5 years ago
• Probely / security_checklist
  Web Application Security Checklist
  ☆133Updated 7 months ago
• DSecureMe / vmc
  VMC: a Scalable, Open Source and Free Vulnerability Management Platform
  ☆91Updated 9 months ago
• appsecco / dvja
  Damn Vulnerable Java (EE) Application
  ☆143Updated last year
• zaproxy / zap-hud
  The ZAP Heads Up Display (HUD)
  ☆271Updated 3 weeks ago
• OWASP / apicheck
  ☆38Updated 8 months ago
• detectify / ugly-duckling
  Ugly Duckling is a lightweight scanner built specifically for our Crowdsource community to submit proof-of-concept modules
  ☆188Updated 4 years ago
• riskprofiler / CloudFrontier
  Monitor the internet attack surface of various public cloud environments. Currently supports AWS, GCP, Azure, DigitalOcean and Oracle Clo…
  ☆127Updated this week
• OWASP / SecureTea-Project
  The OWASP SecureTea Project provides a one-stop security solution for various devices (personal computers / servers / IoT devices)
  ☆302Updated 2 years ago
• OWASP / threat-dragon-desktop
  Desktop variant of OWASP Threat Dragon
  ☆78Updated 4 years ago
• RhinoSecurityLabs / Swagger-EZ
  A tool geared towards pentesting APIs using OpenAPI definitions.
  ☆182Updated 3 years ago
• righettod / toolbox-pentest-web
  Docker toolbox for pentest of web based application.
  ☆171Updated this week
• Patrowl / PatrowlHears
  PatrowlHears - Vulnerability Intelligence Center / Exploits
  ☆165Updated last week
• tldrrun / tools.tldr.run
  A curated list of security tools for Hackers & Builders!
  ☆100Updated last year
• OWASP / www-project-automated-threats-to-web-applications
  OWASP Foundation Web Respository
  ☆72Updated last month
• ShiftLeftSecurity / tarpit-java
  Tarpit - A Web application seeded with vulnerabilities, rootkits, backdoors & data leaks
  ☆81Updated 3 years ago
• DefectDojo / sample-scan-files
  Sample scan files for testing DefectDojo imports
  ☆84Updated 2 months ago
• juanjoSanz / aws-pentesting-lab
  Pentesting lab with a Kali Linux instance accessible via ssh & wireguard VPN and with vulnerable instances in a private subnet
  ☆191Updated last year
• OWASP / www-project-code-review-guide
  OWASP Code Review Guide Web Repository
  ☆145Updated 3 years ago
• brampat / security
  Collection of links to Security stuff
  ☆117Updated 2 months ago
• jorritfolmer / vulnerable-api
  Enhanced fork with logging, OpenAPI 3.0 and Python 3 for security monitoring workshops
  ☆44Updated last year