Alternatives and similar repositories for owasp-cstg

Users that are interested in owasp-cstg are comparing it to the libraries listed below

• ajinabraham / aws_security_tools
  Scripts and tools for AWS Pentest
  ☆53Updated 4 years ago
• GovTech-CSG / Autowasp
  BurpSuite Extension: A one-stop pen testing checklist and logger tool
  ☆75Updated 2 years ago
• NetSPI / AWSSigner
  Burp Extension for AWS Signing
  ☆89Updated 6 months ago
• sailay1996 / offsec_WE
  learning case to prepare OSWE
  ☆37Updated 5 years ago
• NotSoSecure / cloud-sec-wiki
  Jekyll Files for cloudsecwiki.com
  ☆50Updated 3 years ago
• nightwatchcybersecurity / gitbleed_tools
  ☆90Updated 3 years ago
• Leoid / AWSBurpCollaborator
  Deploy a Private Burpsuite Collaborator using boto3 Python Library
  ☆58Updated 5 years ago
• mandiant / heyserial
  Programmatically create hunting rules for deserialization exploitation with multiple keywords, gadget chains, object types, encodings, an…
  ☆143Updated 2 years ago
• PortSwigger / attack-surface-detector
  The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters
  ☆14Updated 3 years ago
• lazaars / SAP-Pentest
  ☆67Updated 6 years ago
• Rhynorater / Okta-Password-Sprayer
  This script is a multi-threaded Okta password sprayer.
  ☆72Updated last year
• BojackThePillager / Slackhound
  Slackhound allows red and blue teams to perform fast reconnaissance on Slack workspaces/organizations to quickly search user profiles, lo…
  ☆81Updated last year
• nccgroup / CollaboratorPlusPlus
  ☆148Updated 3 years ago
• alt3kx / wafparan01d3
  Quick WAF "paranoid" Doctor Evaluation | WAFPARAN01D3 Tool
  ☆25Updated 3 years ago
• antonytuff / Red-Team-Notes
  OSCP guide and Red Team assessment Guide
  ☆35Updated 5 years ago
• sneakerhax / Posts
  Posts about different topics
  ☆36Updated last year
• torque59 / AWS-Vulnerable-Lambda
  An AWS Lambda vulnerable application written in flask.
  ☆49Updated 7 years ago
• nccgroup / cowcloud
  ☆58Updated 2 years ago
• digininja / authlab
  A lab to play with authentication and authorisation problems
  ☆96Updated 2 years ago
• mhaskar / Bughound
  Static code analysis tool based on Elasticsearch
  ☆129Updated 4 years ago
• doyensec / oidc-ssrf
  An Evil OIDC Server
  ☆53Updated 2 years ago
• hoodoer / WP-XSS-Admin-Funcs
  JavaScript functions intended to be used as an XSS payload against a WordPress admin account.
  ☆54Updated 4 years ago
• FortyNorthSecurity / Presentations
  Any presentation we've given at FortyNorth Security
  ☆34Updated 3 years ago
• grines / scour
  ☆127Updated last year
• DenizParlak / hayat
  Hayat is a script for report and analyze Google Cloud Platform resources.
  ☆80Updated 5 years ago
• pownjs / leaks
  Extensive code infrastructure for finding unintended information leaks in files, git repositories and much more.
  ☆28Updated 2 years ago
• xmpf / mindmaps
  Mindmaps allow to organize and understand information faster and better.
  ☆2Updated 3 years ago
• ProfessionallyEvil / harpoon
  A collection of scripts, and tips and tricks for hacking k8s clusters and containers.
  ☆135Updated 9 months ago
• andresriancho / vpc-vpn-pivot
  Pivot into private VPC networks using a VPN connection
  ☆43Updated 5 years ago
• secdec / attack-surface-detector-burp
  The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters
  ☆103Updated last year