Alternatives and similar repositories for ASST

Users that are interested in ASST are comparing it to the libraries listed below

• JavierOlmedo / OWASP-Calculator
  🧮 An online calculator to assess the risk of web vulnerabilities based on OWASP Risk Assessment
  ☆158Updated 3 years ago
• OWASP / raider
  OWASP Raider: a novel framework for manipulating the HTTP processes of persistent sessions
  ☆104Updated last year
• OWASP / cwe-tool
  A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.
  ☆57Updated this week
• DSecureMe / vmc
  VMC: a Scalable, Open Source and Free Vulnerability Management Platform
  ☆90Updated 4 months ago
• OWASP / www-project-code-review-guide
  OWASP Code Review Guide Web Repository
  ☆135Updated 2 years ago
• OWASP / threat-dragon-desktop
  Desktop variant of OWASP Threat Dragon
  ☆77Updated 3 years ago
• alb-uss / SECMON
  SECMON is a web-based tool for the automation of infosec watching and vulnerability management with a web interface.
  ☆221Updated 3 years ago
• tristanlatr / burpa
  Burp Automator - A Burp Suite Automation Tool. It provides a high level CLI and Python interfaces to Burp Suite scanner and can be used t…
  ☆197Updated last week
• softrams / bulwark
  An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
  ☆181Updated 3 weeks ago
• zaproxy / zap-hud
  The ZAP Heads Up Display (HUD)
  ☆264Updated 4 months ago
• BBVA / apicheck
  The DevSecOps toolset for REST APIs
  ☆274Updated 2 years ago
• zaproxy / zaproxy-website
  The source of ZAP website
  ☆72Updated last week
• ShiftLeftSecurity / tarpit-java
  Tarpit - A Web application seeded with vulnerabilities, rootkits, backdoors & data leaks
  ☆79Updated 2 years ago
• RossGeerlings / webstor
  WebStor efficiently enumerates all websites across your organization’s networks and those in your DNS records - including cloud-hosted se…
  ☆158Updated last year
• krol3 / kubernetes-security-checklist
  Awesome resources about Security in Kubernetes
  ☆42Updated 2 years ago
• OWASP / www-project-security-knowledge-framework
  OWASP Foundation Web Respository
  ☆63Updated last year
• OWASP / www-project-devsecops-guideline
  The OWASP DevSecOps Guideline explains how we can implement a secure pipeline and use best practices and introduce tools that we can use …
  ☆66Updated 11 months ago
• DigeeX / raider
  DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raider
  ☆139Updated 3 years ago
• OWASP / RiskAssessmentFramework
  The Secure Coding Framework
  ☆268Updated 4 years ago
• tldrrun / tools.tldr.run
  A curated list of security tools for Hackers & Builders!
  ☆99Updated 10 months ago
• juanjoSanz / aws-pentesting-lab
  Pentesting lab with a Kali Linux instance accessible via ssh & wireguard VPN and with vulnerable instances in a private subnet
  ☆187Updated 11 months ago
• OWASP / Honeypot-Project
  ☆93Updated last year
• PortSwigger / autowasp
  BurpSuite Extension: A one-stop pen testing checklist and logger tool
  ☆266Updated 2 years ago
• detectify / ugly-duckling
  Ugly Duckling is a lightweight scanner built specifically for our Crowdsource community to submit proof-of-concept modules
  ☆189Updated 3 years ago
• OWASP / www-project-proactive-controls
  OWASP Foundation Web Respository
  ☆146Updated 3 weeks ago
• security-prince / Resources-for-Application-Security
  Some good resources for getting started with application security
  ☆142Updated 4 years ago
• BlazingWind / OWASP-ASVS-4.0-testing-guide
  ☆123Updated last year
• BishopFox / smogcloud
  Find cloud assets that no one wants exposed 🔎 ☁️
  ☆345Updated 4 years ago
• appsecco / dvja
  Damn Vulnerable Java (EE) Application
  ☆138Updated last year
• jorritfolmer / vulnerable-api
  Enhanced fork with logging, OpenAPI 3.0 and Python 3 for security monitoring workshops
  ☆42Updated last year