Alternatives and similar repositories for webappsec-nutshell

Users that are interested in webappsec-nutshell are comparing it to the libraries listed below

• tomsteele / burpstaticscan
  Use burp's JS static code analysis on code from your local system.
  ☆42Updated 8 years ago
• iSECPartners / LibTech-Auditing-Cheatsheet
  ☆198Updated 9 years ago
• hackvertor / clickbandit
  A JavaScript clickjacking PoC generator
  ☆23Updated 6 years ago
• binarymist / HolisticInfoSec-For-WebDevelopers-Fascicle0
  Overview Tooling Process Physical People
  ☆46Updated 4 years ago
• wireghoul / doona
  Network based protocol fuzzer
  ☆73Updated 3 years ago
• skepticfx / damnvulnerable.me
  A deliberately vulnerable modern day app with lots of DOM related bugs
  ☆35Updated 6 years ago
• securelayer7 / csv-injection-vulnerable-php-script-
  CSV injection Vulnerable Script.
  ☆29Updated 8 years ago
• owtf / owtf-docker
  Docker repository for OWTF (64-bit Kali)
  ☆33Updated 5 years ago
• chrisallenlane / watchtower
  Watchtower is a Static Code Analysis tool designed to assist security auditors who are tasked with performing manual code reviews. It is …
  ☆111Updated 8 years ago
• anilyuk / punydomaincheck
  Puny Domain Name Check
  ☆37Updated 5 years ago
• isp1r0 / DVNA
  Damn Vulnerable Node Application
  ☆19Updated 9 years ago
• DinisCruz / Book_SecDevOps_Risk_Workflow
  Content for 'JIRA Risk Project' book published at LeanPub
  ☆57Updated 7 years ago
• salesforce / AutoTriageBot
  AutoTriageBot automatically verifies, deduplicates, and suggests payouts for incoming HackerOne reports.
  ☆56Updated 3 years ago
• Hacking-and-Coffee / defcon-for-n00bs
  DEF CON for N00bs is an open guide for first time attendees to the convention.
  ☆45Updated 8 years ago
• OWASP / EnDe
  Encoder, Decoder, Converter, Calculator, TU WAS DU WILLST .. for various codings used in the wild wide web
  ☆42Updated last year
• mandatoryprogrammer / xpire-crossdomain-scanner
  Scans crossdomain.xml policies for expired domain names.
  ☆25Updated 9 years ago
• chrisallenlane / drek
  A static-code-analysis tool for performing security-focused code reviews. It enables an auditor to swiftly map the attack-surface of a la…
  ☆139Updated last year
• michenriksen / dia-attacktree
  Attack Tree modeling sheet for Dia
  ☆20Updated 6 years ago
• jgamblin / GithubDependencyCheck
  Run DependencyCheck Against Your Orgs GitHub Repos.
  ☆14Updated 7 years ago
• PaulSec / pepito
  Finds sensitive stuff in your git repository by specifying terms to look for
  ☆31Updated 7 years ago
• nowsecure / mobile-incident-response
  Mobile Incident Response Book
  ☆61Updated 9 years ago
• NetSPI / httpillage
  ☆26Updated 8 years ago
• OWASP / AppSecEurope2017
  ☆13Updated 8 years ago
• integrissecurity / carbonator
  Integris Security Carbonator - The Burp Suite Pro extension that automates scope, spider & scan from the command line. Carbonator helps a…
  ☆74Updated 7 years ago
• burp-hash / burp-hash
  ☆32Updated 9 years ago
• nnewsom / webbies
  Collection of tools for web recon and enumeration.
  ☆56Updated 10 years ago
• DinisCruz / Book_Software_Quality
  Content for 'Measuring Software Quality using Application Security' book published at LeanPub
  ☆38Updated 8 years ago
• dxa4481 / Damn-Vulnerable-Redis-Container
  An example of obtaining RCE via Redis and CSRF
  ☆76Updated 8 years ago
• OpenSecuritySummit / oss2019
  Open Security Summit 2019
  ☆26Updated 4 years ago
• mandatoryprogrammer / PERS
  A passive scanning tool for finding expired domain vulnerabilities while you browse.
  ☆41Updated 6 years ago