Alternatives and similar repositories for ASST

Users that are interested in ASST are comparing it to the libraries listed below

• JavierOlmedo / OWASP-Calculator
  🧮 An online calculator to assess the risk of web vulnerabilities based on OWASP Risk Assessment
  ☆158Updated 3 years ago
• softrams / bulwark
  An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
  ☆183Updated last month
• OWASP / raider
  OWASP Raider: a novel framework for manipulating the HTTP processes of persistent sessions
  ☆105Updated last year
• Patrowl / PatrowlHears
  PatrowlHears - Vulnerability Intelligence Center / Exploits
  ☆164Updated this week
• DSecureMe / vmc
  VMC: a Scalable, Open Source and Free Vulnerability Management Platform
  ☆90Updated 5 months ago
• DefectDojo / sample-scan-files
  Sample scan files for testing DefectDojo imports
  ☆82Updated 5 months ago
• RossGeerlings / webstor
  WebStor efficiently enumerates all websites across your organization’s networks and those in your DNS records - including cloud-hosted se…
  ☆158Updated last year
• detectify / ugly-duckling
  Ugly Duckling is a lightweight scanner built specifically for our Crowdsource community to submit proof-of-concept modules
  ☆189Updated 3 years ago
• alb-uss / SECMON
  SECMON is a web-based tool for the automation of infosec watching and vulnerability management with a web interface.
  ☆221Updated 3 years ago
• BBVA / apicheck
  The DevSecOps toolset for REST APIs
  ☆272Updated 2 years ago
• BlazingWind / OWASP-ASVS-4.0-testing-guide
  ☆123Updated last year
• DigeeX / raider
  DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raider
  ☆139Updated 3 years ago
• OWASP / threat-dragon-desktop
  Desktop variant of OWASP Threat Dragon
  ☆77Updated 3 years ago
• devanshbatham / CertEagle
  Weaponizing Live CT logs for automated monitoring of assets
  ☆134Updated 3 years ago
• BishopFox / smogcloud
  Find cloud assets that no one wants exposed 🔎 ☁️
  ☆347Updated 4 years ago
• OWASP / RiskAssessmentFramework
  The Secure Coding Framework
  ☆266Updated 4 years ago
• appsecco / dvja
  Damn Vulnerable Java (EE) Application
  ☆139Updated last year
• Ebryx / Nessus_Map
  Parse .nessus file(s) and shows output in interactive UI
  ☆153Updated 2 months ago
• OWASP / www-project-threat-dragon
  OWASP Foundation Threat Dragon Project Web Repository
  ☆80Updated 3 weeks ago
• riskprofiler / CloudFrontier
  Monitor the internet attack surface of various public cloud environments. Currently supports AWS, GCP, Azure, DigitalOcean and Oracle Clo…
  ☆125Updated last year
• purpleteam-labs / purpleteam
  CLI component of OWASP PurpleTeam
  ☆129Updated last year
• chennylmf / OWASP-Web-App-Pentesting-checklists
  ☆71Updated 4 years ago
• VainlyStrain / Vailyn
  A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python
  ☆198Updated 3 years ago
• tristanlatr / burpa
  Burp Automator - A Burp Suite Automation Tool. It provides a high level CLI and Python interfaces to Burp Suite scanner and can be used t…
  ☆199Updated last month
• RhinoSecurityLabs / Swagger-EZ
  A tool geared towards pentesting APIs using OpenAPI definitions.
  ☆177Updated 2 years ago
• OWASP / www-project-proactive-controls
  OWASP Foundation Web Respository
  ☆146Updated last month
• imperva / automatic-api-attack-tool
  Imperva's customizable API attack tool takes an API specification as an input, generates and runs attacks that are based on it as an outp…
  ☆474Updated 2 years ago
• DevSlop / Pixi
  The Pixi module is a MEAN Stack web app with wildly insecure APIs!
  ☆126Updated 2 years ago
• security-prince / Resources-for-Application-Security
  Some good resources for getting started with application security
  ☆142Updated 4 years ago
• OWASP / www-project-api-security
  OWASP Foundation Web Repository
  ☆47Updated 6 months ago