Alternatives and similar repositories for backend

Users that are interested in backend are comparing it to the libraries listed below

• wisec / domxsswiki
  Automatically exported from code.google.com/p/domxsswiki
  ☆546Updated 7 years ago
• zaproxy / community-scripts
  A collection of ZAP scripts and tips provided by the community - pull requests very welcome!
  ☆867Updated this week
• TheHackerDev / race-the-web
  Tests for race conditions in web applications. Includes a RESTful API to integrate into a continuous integration pipeline.
  ☆628Updated 3 years ago
• OWASP / OWASP-VWAD
  This repo is no longer in use. Please refer to https://github.com/OWASP/www-project-vulnerable-web-applications-directory
  ☆884Updated last month
• disclose / diodb
  Open-source vulnerability disclosure and bug bounty program database
  ☆1,049Updated 6 months ago
• fransr / bountyplz
  Automated security reporting from markdown templates (HackerOne and Bugcrowd are currently the platforms supported)
  ☆459Updated 6 years ago
• fransr / postMessage-tracker
  A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon
  ☆1,278Updated 2 years ago
• nahamsec / JSParser
  ☆833Updated 2 years ago
• OWASP / Docker-Security
  Getting a handle on container security
  ☆677Updated 2 years ago
• blabla1337 / skf-flask
  Security Knowledge Framework (SKF) Python Flask / Angular project
  ☆827Updated last year
• okta-graveyard / repo-supervisor
  Scan your code for security misconfiguration, search for passwords and secrets.
  ☆653Updated 2 years ago
• zaproxy / zap-hud
  The ZAP Heads Up Display (HUD)
  ☆273Updated last month
• filedescriptor / untrusted-types
  ☆694Updated 3 years ago
• visma-prodsec / confused
  Tool to check for dependency confusion vulnerabilities in multiple package management systems
  ☆775Updated last year
• nccgroup / tracy
  A tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.
  ☆558Updated 2 years ago
• secureCodeBox / secureCodeBox
  secureCodeBox (SCB) - continuous secure delivery out of the box
  ☆955Updated last week
• BlackFan / client-side-prototype-pollution
  Prototype Pollution and useful Script Gadgets
  ☆1,577Updated 2 years ago
• dsopas / assessment-mindset
  Security Mindmap that could be useful for the infosec community when doing pentest, bug bounty or red-team assessments.
  ☆750Updated 3 years ago
• ICTU / zap2docker-auth-weekly
  Zap baseline scanner in Docker with authentication
  ☆103Updated last year
• xsleaks / xsleaks
  A collection of browser-based side channel attack vectors.
  ☆759Updated last year
• nahamsec / recon_profile
  ☆435Updated 3 years ago
• RUB-NDS / CORStest
  A simple CORS misconfiguration scanner
  ☆423Updated 5 years ago
• appsecco / dvna
  Damn Vulnerable NodeJS Application
  ☆758Updated last year
• PortSwigger / hackability
  Probe a rendering engine for vulnerabilities and other features
  ☆367Updated 4 years ago
• zigoo0 / JSONBee
  A ready to use JSONP endpoints/payloads to help bypass content security policy (CSP) of different websites.
  ☆742Updated last year
• nahamsec / lazyrecon
  This script is intended to automate your reconnaissance process in an organized fashion
  ☆2,006Updated 4 years ago
• koenbuyens / securityheaders
  Check any website (or set of websites) for insecure security headers.
  ☆255Updated 2 years ago
• appsecco / bugcrowd-levelup-subdomain-enumeration
  This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtu…
  ☆632Updated 7 years ago
• mandatoryprogrammer / xsshunter
  The XSS Hunter service - a portable version of XSSHunter.com
  ☆1,537Updated 3 years ago
• LewisArdern / bXSS
  bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.
  ☆564Updated 2 years ago