Alternatives and similar repositories for gSAST

Users that are interested in gSAST are comparing it to the libraries listed below

• InitRoot / RouteRunner
  Checks if files is accessible based on the source code.
  ☆16Updated last year
• EasyRecon / wappaGo
  ☆58Updated last year
• shabarkin / CodeAllTheThings
  A list of threat sinks used in the manual security source code review for application security
  ☆73Updated 2 years ago
• justmorpheus / burp-automation
  Performing automated scan using Burp Suite Pro & Vmware Burp Rest API
  ☆52Updated 3 years ago
• VitthalS / ivna
  Intentionally Vulnerable Nodejs Application & APIs
  ☆22Updated 3 years ago
• trickest / safe-harbour
  security.txt collection of most popular world-wide domains
  ☆54Updated 2 years ago
• ambalabanov / cswsh-scanner
  Scanner for Cross-Site WebSocket Hijacking
  ☆42Updated 5 years ago
• Anof-cyber / Pentest-Mapper
  A Burp Suite Extension for pentester and bug bounty hunters an to maintain checklist, map flows, write test cases and track vulnerabiliti…
  ☆118Updated 2 years ago
• PortSwigger / ator
  ☆32Updated last year
• NotSoSecure / NotSoCereal-Lab
  NotSoCereal: A Deserialization exploit playground
  ☆54Updated 3 years ago
• kleiton0x00 / HTTP-Smuggling-Calculator
  Perform TE.CL HTTP Request Smuggling attacks by crafting HTTP Request automatically.
  ☆73Updated 3 years ago
• fuzz-security / Active-Directory-Exploitation-Cheat-Sheet
  A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
  ☆50Updated 5 years ago
• ShutdownRepo / httpmethods
  HTTP verb tampering & methods enumeration
  ☆63Updated 4 months ago
• rs-loves-bugs / burp-browser-profiles
  Make better use of the embedded browser that comes by default with Burp
  ☆45Updated last year
• Static-Flow / RepeaterSearch
  This extension adds a search bar to the Repeater tab that can be used to highlight all repeater tabs where the request and/or response ma…
  ☆80Updated 2 years ago
• TROUBLE-1 / White-box-pentesting
  This lab is created to demonstrate pass-the-hash, blind sql and SSTI vulnerabilities
  ☆91Updated 2 years ago
• 0xb1tByte / eWPTXv1-Journey
  This repository is intended for sharing files/tools/tutorials..etc that related to eWPTXv1 from eLearnSecurity
  ☆23Updated 5 years ago
• RakeshKengale / RaKKeN
  Information Security Information From Web
  ☆28Updated 4 months ago
• dwisiswant0 / nodep
  A tool for check available dependency packages across npmjs, PyPI or RubyGems registry.
  ☆30Updated 3 years ago
• trickest / recon-and-vulnerability-scanner-template
  Create your own recon & vulnerability scanner with Trickest and GitHub
  ☆48Updated 2 years ago
• amalmurali47 / swagroutes
  swagroutes is a command-line tool that extracts and lists API routes from Swagger files in YAML or JSON format.
  ☆61Updated 2 years ago
• reconmap / rest-api
  REST API backend for Reconmap
  ☆47Updated last week
• honoki / bbrf-agents
  A collection of BBRF agents that can be deployed to AWS lambda
  ☆23Updated last year
• six2dez / obsidian-pentesting-vault
  Sample Obsidian's vault for web pentesting
  ☆99Updated last year
• ApexPredator-InfoSec / AWAE-OSWE
  Review of AWAE.OSWE
  ☆31Updated 3 years ago
• 0xAkashsky / sub-scout
  Simple bash Script to automate initial recon using (httpx, puredns, regulator, wayback, katana, aquatone)
  ☆34Updated 8 months ago
• yogisec / VulnerableSAMLApp
  Vulnerable SAML infrastructure training applicaiton
  ☆54Updated 2 years ago
• redhuntlabs / Hunt4Spring
  A "Spring4Shell" vulnerability scanner.
  ☆49Updated 10 months ago
• zer1t0 / awsenum
  Enumerate AWS permissions and resources.
  ☆71Updated 3 years ago
• OdinF13 / Bug-Bounty-Scripts
  Script for Bug Bounty
  ☆29Updated 4 years ago