Alternatives and similar repositories for oauth-scan:

Users that are interested in oauth-scan are comparing it to the libraries listed below

• akabe1 / OAUTHScan
  Burp Suite Extension useful to verify OAUTHv2 and OpenID security
  ☆172Updated 5 months ago
• securisec / cliam
  Cloud agnostic IAM permissions enumerator
  ☆140Updated 7 months ago
• mschwager / route-detect
  Find authentication (authn) and authorization (authz) security bugs in web application routes.
  ☆258Updated 2 weeks ago
• pry0cc / proteus
  A projectdiscovery driven attack surface monitoring bot powered by axiom
  ☆182Updated 2 years ago
• cramppet / regulator
  Automated learning of regexes for DNS discovery
  ☆364Updated 2 years ago
• hakluke / hakscale
  Distribute ordinary bash commands over many systems
  ☆162Updated 2 years ago
• usdAG / FlowMate
  FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application a…
  ☆156Updated 4 months ago
• forcesunseen / graphquail
  Burp Suite extension that offers a toolkit for testing GraphQL endpoints.
  ☆191Updated 7 months ago
• raverrr / plution
  Prototype pollution scanner using headless chrome
  ☆216Updated 2 years ago
• MayankPandey01 / Jira-Lens
  Fast and customizable vulnerability scanner For JIRA written in Python
  ☆317Updated 3 months ago
• trufflesecurity / of-CORS
  ☆150Updated last year
• RefactorSecurity / vscode-security-notes
  Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝
  ☆132Updated this week
• PortSwigger / autowasp
  BurpSuite Extension: A one-stop pen testing checklist and logger tool
  ☆265Updated 2 years ago
• projectdiscovery / openrisk
  openrisk is a tool that generates a risk score based on the results of a Nuclei scan.
  ☆166Updated last month
• jhaddix / awsScrape
  A tool to scrape the AWS ranges looking for a keyword in SSL certificate data.
  ☆230Updated last year
• pussycat0x / malicious-pdf
  Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator
  ☆168Updated 3 years ago
• shabarkin / aws-enumerator
  The AWS Enumerator was created for service enumeration and info dumping for investigations of penetration testers during Black-Box testin…
  ☆198Updated 2 years ago
• Sh1Yo / request_smuggler
  Http request smuggling vulnerability scanner
  ☆227Updated 2 years ago
• xforcered / SQLRecon
  A C# MS SQL toolkit designed for offensive reconnaissance and post-exploitation.
  ☆391Updated 2 months ago
• AdnaneKhan / Gato-X
  GitHub Attack Toolkit - Extreme Edition - A static analysis and exploit toolkit for GitHub Actions.
  ☆262Updated this week
• assetnote / surf
  Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …
  ☆629Updated last year
• dhn / udon
  A simple tool that helps to find assets/domains based on the Google Analytics ID.
  ☆173Updated 2 months ago
• DigeeX / raider
  DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raider
  ☆138Updated 3 years ago
• trickest / find-gh-poc
  Find CVE PoCs on GitHub
  ☆145Updated last year
• lutzenfried / OffensiveCloud
  Offensive security and Penetration Testing TTP for Cloud based environment (AWS / Azure / GCP)
  ☆325Updated 3 weeks ago
• DevSecOpsDocs / nuclearpond
  Nuclear Pond is a utility leveraging Nuclei to perform internet wide scans for the cost of a cup of coffee.
  ☆177Updated last year
• trickest / mkpath
  Make URL path combinations using a wordlist
  ☆173Updated last year
• elttam / semgrep-rules
  ☆186Updated 4 months ago
• trickest / dsieve
  Filter and enrich a list of subdomains by level
  ☆201Updated last year
• BishopFox / Imperva_gzip_WAF_Bypass
  ☆156Updated 3 years ago