Alternatives and similar repositories for ASST

Users that are interested in ASST are comparing it to the libraries listed below

• JavierOlmedo / OWASP-Calculator
  🧮 An online calculator to assess the risk of web vulnerabilities based on OWASP Risk Assessment
  ☆161Updated 4 years ago
• jorritfolmer / vulnerable-api
  Enhanced fork with logging, OpenAPI 3.0 and Python 3 for security monitoring workshops
  ☆44Updated last year
• BBVA / apicheck
  The DevSecOps toolset for REST APIs
  ☆276Updated 2 years ago
• RossGeerlings / webstor
  WebStor efficiently enumerates all websites across your organization’s networks and those in your DNS records - including cloud-hosted se…
  ☆157Updated last year
• DSecureMe / vmc
  VMC: a Scalable, Open Source and Free Vulnerability Management Platform
  ☆91Updated 7 months ago
• softrams / bulwark
  An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
  ☆183Updated last week
• OWASP / raider
  OWASP Raider: a novel framework for manipulating the HTTP processes of persistent sessions
  ☆104Updated 2 years ago
• 0xSearches / sandcastle
  🏰 A Python script for AWS S3 bucket enumeration.
  ☆144Updated 2 years ago
• juerkkil / secheaders
  Python script to check HTTP security headers
  ☆67Updated last month
• wisec / OWASP-Testing-Guide-v5
  The OWASP Testing Guide includes a "best practice" penetration testing framework which users can implement in their own organizations and…
  ☆77Updated 5 years ago
• righettod / toolbox-pentest-web
  Docker toolbox for pentest of web based application.
  ☆166Updated this week
• ksharinarayanan / SourceWolf
  Amazingly fast response crawler to find juicy stuff in the source code! 😎🔥
  ☆153Updated 2 years ago
• devanshbatham / CertEagle
  Weaponizing Live CT logs for automated monitoring of assets
  ☆134Updated 4 years ago
• alb-uss / SECMON
  SECMON is a web-based tool for the automation of infosec watching and vulnerability management with a web interface.
  ☆219Updated 3 years ago
• Patrowl / PatrowlHears
  PatrowlHears - Vulnerability Intelligence Center / Exploits
  ☆165Updated last week
• RhinoSecurityLabs / Swagger-EZ
  A tool geared towards pentesting APIs using OpenAPI definitions.
  ☆181Updated 2 years ago
• riskprofiler / CloudFrontier
  Monitor the internet attack surface of various public cloud environments. Currently supports AWS, GCP, Azure, DigitalOcean and Oracle Clo…
  ☆126Updated last year
• purpleteam-labs / purpleteam
  CLI component of OWASP PurpleTeam
  ☆131Updated last year
• A3h1nt / Subcert
  Subcert is a subdomain enumeration tool, that finds all the subdomains from certificate transparency logs.
  ☆81Updated 4 years ago
• OWASP / www-project-code-review-guide
  OWASP Code Review Guide Web Repository
  ☆141Updated 3 years ago
• mablanco / docker-osmedeus
  Docker image for Osmedeus, a fully automated offensive security tool for reconnaissance and vulnerability scanning
  ☆105Updated last month
• Probely / security_checklist
  Web Application Security Checklist
  ☆131Updated 5 months ago
• 0xdekster / deksterecon
  Web Application recon automation
  ☆126Updated 4 years ago
• ShiftLeftSecurity / tarpit-java
  Tarpit - A Web application seeded with vulnerabilities, rootkits, backdoors & data leaks
  ☆80Updated 3 years ago
• stevemcilwain / quiver
  Quiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.
  ☆215Updated 5 years ago
• mhaskar / Bughound
  Static code analysis tool based on Elasticsearch
  ☆129Updated 4 years ago
• chennylmf / OWASP-Web-App-Pentesting-checklists
  ☆71Updated 5 years ago
• VainlyStrain / Vailyn
  A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python
  ☆199Updated 3 years ago
• OWASP / RiskAssessmentFramework
  The Secure Coding Framework
  ☆267Updated 5 years ago
• ivision-research / vulnerable-graphql-api
  A very vulnerable implementation of a GraphQL API.
  ☆61Updated 3 years ago