Alternatives and similar repositories for security-testing

Users that are interested in security-testing are comparing it to the libraries listed below

• baiduxlab / sgxray
  ☆44Updated 4 years ago
• AvalZ / RevOK
  An HTTP Response fuzzer to find Vulnerabilities in Security Scanners
  ☆27Updated last year
• georlav / objectmap
  A Simple command line tool that helps checking web applications to identify insecure deserialization vulnerabilities.
  ☆24Updated 6 years ago
• NUS-Curiosity / VulZoo
  VulZoo: A Comprehensive Vulnerability Intelligence Dataset | ASE 2024 Demo
  ☆66Updated 10 months ago
• Rezilion / mi-x
  Determine whether your compute is truly vulnerable to a specific vulnerability by accounting for all factors which affect *actual* exploi…
  ☆141Updated 2 years ago
• stacscan / stacs
  Static Token And Credential Scanner
  ☆95Updated 2 years ago
• cs-uob / COMSM0049
  Systems and Software Security
  ☆16Updated 2 months ago
• pentest-a2p2v / pentest-a2p2v-core
  Core A2P2V functionality (command line based)
  ☆68Updated last year
• testable-eu / sast-testability-patterns
  Testability Pattern Catalogs for SAST
  ☆31Updated 11 months ago
• 0xbigshaq / apache-afl
  An automated setup for compiling & fuzzing Apache httpd server
  ☆51Updated 2 years ago
• 0xb0bb / ctf-challs
  A subset of CTF challenges I have made over the years.
  ☆18Updated 3 years ago
• knqyf263 / CVE-2020-10749
  CVE-2020-10749 PoC (Kubernetes MitM attacks via IPv6 rogue router advertisements)
  ☆25Updated 5 years ago
• 0xbigshaq / redis-afl
  An automated setup for fuzzing Redis w/ AFL++
  ☆35Updated 3 years ago
• AvalZ / WAF-A-MoLE
  A guided mutation-based fuzzer for ML-based Web Application Firewalls
  ☆196Updated last year
• sominsong / NIMOS
  Analysis of syscall sequence pattern from exploit codes for advanced system call sequence filtering for enhanced container security
  ☆16Updated 2 years ago
• akamai / luda
  Malicious actors often reuse code to deploy their malware, phishing website or CNC server. As a result, similiaries can be found on URLs …
  ☆75Updated 2 years ago
• SonarSource / argument-injection-vectors
  A curated list of argument injection vectors
  ☆41Updated last year
• claroty / busybox-fuzzing
  ☆98Updated 4 years ago
• kudelskisecurity / fuzzomatic
  Automatically fuzz Rust projects from scratch
  ☆59Updated 6 months ago
• iosifache / semgrep-rules-manager
  Manager of 14 third-party sources comprising approximately 4,000 Semgrep rules 🗂
  ☆98Updated last month
• purs3lab / Argus
  ☆52Updated last year
• tree-wizard / fuzz-forest
  ☆27Updated 2 years ago
• Yuning-J / VulnerabilityClassifier
  Severity scoring and exploit categorisation for vulnerability reports using machine-learning tools.
  ☆25Updated 2 years ago
• dobin / yookiterm-challenges
  The challenge writeups and solutions for yookiterm-challenge-files
  ☆37Updated 3 years ago
• anirudhduggal / medaudit
  A tool for auditing medical devices and healthcare infrastructure
  ☆22Updated last month
• 5stars217 / malicious_models
  using ML models for red teaming
  ☆45Updated 2 years ago
• ossf-cve-benchmark / ossf-cve-benchmark
  The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas…
  ☆160Updated last year
• too4words / securibench-micro
  Securibench Micro is a benchmark for static analysis tools for security.
  ☆26Updated 7 years ago
• bahruzjabiyev / frameshifter
  Grammar-based HTTP/2 fuzzer with mutation ability
  ☆47Updated 3 years ago
• Phat3 / CVE-analyzer
  Extract useful semantic from CVE descriptions usinig NLP
  ☆25Updated 3 years ago