Alternatives and similar repositories for git-vuln-finder:

Users that are interested in git-vuln-finder are comparing it to the libraries listed below

• bahruzjabiyev / t-reqs
  Grammar-based HTTP/1 fuzzer with mutation ability
  ☆250Updated 5 months ago
• josehelps / git-wild-hunt
  A tool to hunt for credentials in github wild AKA git*hunt
  ☆294Updated 2 years ago
• elttam / semgrep-rules
  ☆189Updated 5 months ago
• visma-prodsec / confused
  Tool to check for dependency confusion vulnerabilities in multiple package management systems
  ☆718Updated 8 months ago
• lc / secretz
  secretz, minimizing the large attack surface of Travis CI
  ☆326Updated 2 years ago
• ArturSS7 / TukTuk
  Tool for catching and logging different types of requests.
  ☆220Updated 4 years ago
• Santandersecurityresearch / corsair_scan
  Corsair_scan is a security tool to test Cross-Origin Resource Sharing (CORS).
  ☆122Updated 2 years ago
• DigeeX / raider
  DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raider
  ☆139Updated 3 years ago
• ameenmaali / qsfuzz
  qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.
  ☆301Updated 2 years ago
• PalindromeLabs / awesome-websocket-security
  Awesome information for WebSockets security research
  ☆267Updated 3 years ago
• koenbuyens / Vulnerable-OAuth-2.0-Applications
  vulnerable OAuth 2.0 applications: understand the security implications of your OAuth 2.0 decisions.
  ☆316Updated last year
• BishopFox / h2csmuggler
  HTTP Request Smuggling over HTTP/2 Cleartext (h2c)
  ☆715Updated 2 years ago
• BishopFox / json-interop-vuln-labs
  Companion labs to "An Exploration of JSON Interoperability Vulnerabilities"
  ☆203Updated 2 years ago
• teknogeek / ssrf-sheriff
  A simple SSRF-testing sheriff written in Go
  ☆326Updated 5 months ago
• Charlie-belmer / nosqli
  NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.
  ☆378Updated 3 years ago
• tprynn / web-methodology
  Methodology for high-quality web application security testing - https://github.com/tprynn/web-methodology/wiki
  ☆204Updated 5 months ago
• daeken / httprebind
  Automatic tool for DNS rebinding-based SSRF attacks
  ☆298Updated 4 years ago
• makuga01 / dnsFookup
  DNS rebinding toolkit
  ☆252Updated last year
• nccgroup / tracy
  A tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.
  ☆559Updated 2 years ago
• fransr / bountyplz
  Automated security reporting from markdown templates (HackerOne and Bugcrowd are currently the platforms supported)
  ☆452Updated 5 years ago
• absoluteappsec / handouts
  materials we hand out
  ☆142Updated 3 weeks ago
• dogangcr / vulnerable-sso
  vulnerable single sign on
  ☆147Updated 8 months ago
• N0MoreSecr3ts / wraith
  Uncover forgotten secrets and bring them back to life, haunting security and operations teams.
  ☆207Updated last year
• AvalZ / WAF-A-MoLE
  A guided mutation-based fuzzer for ML-based Web Application Firewalls
  ☆185Updated last year
• BishopFox / smogcloud
  Find cloud assets that no one wants exposed 🔎 ☁️
  ☆341Updated 4 years ago
• detectify / ugly-duckling
  Ugly Duckling is a lightweight scanner built specifically for our Crowdsource community to submit proof-of-concept modules
  ☆189Updated 3 years ago
• doyensec / burpdeveltraining
  Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"
  ☆352Updated 4 years ago
• Plazmaz / leaky-repo
  Benchmarking repo for secrets scanning
  ☆231Updated 8 months ago
• ossf-cve-benchmark / ossf-cve-benchmark
  The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas…
  ☆142Updated last year
• vp777 / procrustes
  A bash script that automates the exfiltration of data over dns in case we have blind command execution on a server with egress filtering
  ☆210Updated 4 years ago