Santandersecurityresearch / DrHeaderLinks
drHEADer helps with the audit of security headers received in response to a single request or a list of requests.
☆110Updated 4 months ago
Alternatives and similar repositories for DrHeader
Users that are interested in DrHeader are comparing it to the libraries listed below
Sorting:
- ☆123Updated last year
- A simple web app that helps developers understand the ASVS requirements.☆158Updated 3 months ago
- 🖇️ STRIDE vs. ASVS equivalence table☆76Updated 9 months ago
- A step-by-step walkthrough of CloudGoat 2.0 scenarios.☆134Updated 5 years ago
- Corsair_scan is a security tool to test Cross-Origin Resource Sharing (CORS).☆122Updated 2 years ago
- DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raider☆139Updated 3 years ago
- ☆63Updated 2 years ago
- Orchestron is an Application Vulnerability Management and Correlation Tool.Orchestron helps you solve one key problem "Find and fix vulne…☆31Updated 2 years ago
- ☆87Updated 3 years ago
- Bento Toolkit is a minimal fedora-based container for penetration tests and CTF with the sweet addition of GUI applications.☆77Updated 4 years ago
- A tool geared towards pentesting APIs using OpenAPI definitions.☆176Updated 2 years ago
- Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.☆76Updated 3 years ago
- The Pixi module is a MEAN Stack web app with wildly insecure APIs!☆126Updated 2 years ago
- A small tool to help developers understand a huge set of security requirements from appsec teams☆45Updated 2 years ago
- Methodology for high-quality web application security testing - https://github.com/tprynn/web-methodology/wiki☆209Updated 7 months ago
- ☆111Updated last year
- IAMFinder enumerates and finds users and IAM roles in a target AWS account.☆111Updated 4 years ago
- Hayat is a script for report and analyze Google Cloud Platform resources.☆80Updated 5 years ago
- Presentations, training modules, and other education materials from Duo Security's Application Security team.☆74Updated 3 years ago
- Static security checker for Dockerfiles☆94Updated last year
- ☆275Updated 3 years ago
- Scan DockerHub images that match a keyword to find secrets.☆59Updated 4 years ago
- ☆250Updated 11 months ago
- A collection of response templates for invalid bug bounty reports.☆91Updated 7 years ago
- The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters☆103Updated last year
- All-in-one tool for managing vulnerability reports from AppSec pipelines☆106Updated 2 years ago
- Pin designs for security related items☆37Updated last year
- Semgrep rules corresponding to the OWASP ASVS standard☆27Updated 4 years ago
- Desktop variant of OWASP Threat Dragon☆77Updated 3 years ago
- GraphQL security testing tool☆122Updated 3 years ago