Alternatives and similar repositories for gSAST

Users that are interested in gSAST are comparing it to the libraries listed below

• trickest / safe-harbour
  security.txt collection of most popular world-wide domains
  ☆54Updated 2 years ago
• InitRoot / RouteRunner
  Checks if files is accessible based on the source code.
  ☆16Updated last year
• justmorpheus / burp-automation
  Performing automated scan using Burp Suite Pro & Vmware Burp Rest API
  ☆52Updated 3 years ago
• shabarkin / CodeAllTheThings
  A list of threat sinks used in the manual security source code review for application security
  ☆73Updated 2 years ago
• EasyRecon / wappaGo
  ☆58Updated last year
• Orange-Cyberdefense / versionshaker
  Find the remote website version based on a git repository
  ☆126Updated 4 years ago
• 0xb1tByte / eWPTXv1-Journey
  This repository is intended for sharing files/tools/tutorials..etc that related to eWPTXv1 from eLearnSecurity
  ☆23Updated 5 years ago
• carlospolop / Pastos
  ☆58Updated 3 years ago
• six2dez / obsidian-pentesting-vault
  Sample Obsidian's vault for web pentesting
  ☆101Updated last year
• yogisec / VulnerableSAMLApp
  Vulnerable SAML infrastructure training applicaiton
  ☆54Updated 2 years ago
• TROUBLE-1 / White-box-pentesting
  This lab is created to demonstrate pass-the-hash, blind sql and SSTI vulnerabilities
  ☆92Updated 2 years ago
• incogbyte / quickpress
  Small tool to automate SSRF wordpress and XMLRPC finder
  ☆82Updated 3 years ago
• Anof-cyber / Pentest-Mapper
  A Burp Suite Extension for pentester and bug bounty hunters an to maintain checklist, map flows, write test cases and track vulnerabiliti…
  ☆118Updated 2 years ago
• ShutdownRepo / httpmethods
  HTTP verb tampering & methods enumeration
  ☆63Updated 4 months ago
• kleiton0x00 / HTTP-Smuggling-Calculator
  Perform TE.CL HTTP Request Smuggling attacks by crafting HTTP Request automatically.
  ☆73Updated 3 years ago
• yavolo / Web-CTF-Cheatsheet
  Web CTF CheatSheet 🐈
  ☆34Updated 6 years ago
• ambalabanov / cswsh-scanner
  Scanner for Cross-Site WebSocket Hijacking
  ☆42Updated 5 years ago
• PortSwigger / nuclei-burp-integration
  Simple extension that allows to run nuclei scanner directly from burp and transforms json results into the issues.
  ☆31Updated 2 years ago
• carlospolop / Gorks
  ☆67Updated 2 years ago
• amalmurali47 / swagroutes
  swagroutes is a command-line tool that extracts and lists API routes from Swagger files in YAML or JSON format.
  ☆61Updated 2 years ago
• OdinF13 / Bug-Bounty-Scripts
  Script for Bug Bounty
  ☆29Updated 4 years ago
• zer1t0 / awsenum
  Enumerate AWS permissions and resources.
  ☆71Updated 3 years ago
• VitthalS / ivna
  Intentionally Vulnerable Nodejs Application & APIs
  ☆21Updated 3 years ago
• MantisSTS / GoCloud
  Checks whether a domain is hosted on a cloud service such as AWS, Azure or CloudFlare
  ☆59Updated 2 years ago
• purabparihar / Web-Application-Pentest-Checklist
  ☆23Updated 4 years ago
• trickest / recon-and-vulnerability-scanner-template
  Create your own recon & vulnerability scanner with Trickest and GitHub
  ☆48Updated 2 years ago
• trickest / trickest-cli
  Execute Trickest workflows right from your terminal
  ☆95Updated last month
• drak3hft7 / OSCP-Exam-Report-Template
  Template used for my OSCP exam.
  ☆29Updated 3 years ago
• redhuntlabs / Log4JHunt
  An automated, reliable scanner for the Log4Shell (CVE-2021-44228) vulnerability.
  ☆45Updated 11 months ago
• The-Login / DNS-Analyzer
  A Burp Suite extension for finding DNS vulnerabilities in web applications!
  ☆94Updated 2 years ago