Alternatives and similar repositories for oauth-scan

Users that are interested in oauth-scan are comparing it to the libraries listed below

• mschwager / route-detect
  Find authentication (authn) and authorization (authz) security bugs in web application routes.
  ☆261Updated 2 months ago
• securisec / cliam
  Cloud agnostic IAM permissions enumerator
  ☆149Updated last month
• pry0cc / proteus
  A projectdiscovery driven attack surface monitoring bot powered by axiom
  ☆183Updated 2 years ago
• akabe1 / OAUTHScan
  Burp Suite Extension useful to verify OAUTHv2 and OpenID security
  ☆173Updated 7 months ago
• PortSwigger / autowasp
  BurpSuite Extension: A one-stop pen testing checklist and logger tool
  ☆266Updated 2 years ago
• hakluke / hakscale
  Distribute ordinary bash commands over many systems
  ☆166Updated 2 years ago
• trufflesecurity / of-CORS
  ☆152Updated last year
• usdAG / FlowMate
  FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application a…
  ☆159Updated 6 months ago
• shabarkin / aws-enumerator
  The AWS Enumerator was created for service enumeration and info dumping for investigations of penetration testers during Black-Box testin…
  ☆207Updated 3 years ago
• cybervelia / graphicator
  A GraphQL enumeration and extraction tool
  ☆131Updated 2 years ago
• RefactorSecurity / vscode-security-notes
  Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝
  ☆133Updated 2 months ago
• doyensec / PESD-Exporter-Extension
  PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams
  ☆105Updated 4 months ago
• cramppet / regulator
  Automated learning of regexes for DNS discovery
  ☆368Updated 2 years ago
• Brum3ns / firefly
  Black box fuzzer for web applications
  ☆426Updated 11 months ago
• The-Login / DNS-Analysis-Server
  Tools to assess DNS security.
  ☆152Updated last year
• assetnote / surf
  Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …
  ☆638Updated last year
• Sh1Yo / request_smuggler
  Http request smuggling vulnerability scanner
  ☆227Updated 2 years ago
• MayankPandey01 / Jira-Lens
  Fast and customizable vulnerability scanner For JIRA written in Python
  ☆320Updated 5 months ago
• cyprosecurity / API-SecurityEmpire
  API Security Project aims to present unique attack & defense methods in API Security field
  ☆284Updated 3 years ago
• raverrr / plution
  Prototype pollution scanner using headless chrome
  ☆218Updated 2 years ago
• musana / mx-takeover
  mx-takeover focuses DNS MX records and detects misconfigured MX records.
  ☆347Updated last year
• DigeeX / raider
  DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raider
  ☆139Updated 3 years ago
• projectdiscovery / openrisk
  openrisk is a tool that generates a risk score based on the results of a Nuclei scan.
  ☆169Updated 4 months ago
• forcesunseen / graphquail
  Burp Suite extension that offers a toolkit for testing GraphQL endpoints.
  ☆192Updated 9 months ago
• ffuf / pencode
  Complex payload encoder
  ☆226Updated last year
• hahwul / authz0
  🔑 Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.
  ☆420Updated 7 months ago
• NotSoSecure / cloud-service-enum
  ☆249Updated 11 months ago
• dhn / udon
  A simple tool that helps to find assets/domains based on the Google Analytics ID.
  ☆176Updated 4 months ago
• Bandit-HaxUnit / haxunit
  ☆316Updated 4 months ago
• PortSwigger / pentest-mapper
  A Burp Suite Extension for Application Penetration Testing to map flows and vulnerabilities
  ☆117Updated last year