Alternatives and similar repositories for url-testing

Users that are interested in url-testing are comparing it to the libraries listed below

• mozilla-services / websec-check
  DEPRECATED - web security checklist for Firefox Services
  ☆77Updated 4 years ago
• mozilla / infosec.mozilla.org
  Guidelines, principles published on https://infosec.mozilla.org
  ☆99Updated 4 months ago
• mikewest / deprecating-document-domain
  `document.domain` intentionally weakens the only security boundary we have. Perhaps we can dump it?
  ☆17Updated 2 years ago
• cure53 / browser-sec-whitepaper
  Cure53 Browser Security White Paper
  ☆300Updated 8 years ago
• w3c / webappsec-csp
  WebAppSec Content Security Policy
  ☆221Updated 3 weeks ago
• jolle / expired-tweets
  🐦 Find tweets that contain expired or claimable URLs from your Twitter archive.
  ☆44Updated 6 years ago
• cweb / unicode-security-guide
  Unicode Security Guide
  ☆120Updated 8 years ago
• cweb / unicode-hax
  A library to assist in security-testing Unicode enabled applications during fuzzing, XSS, SQLi, etc.
  ☆42Updated 8 years ago
• chromium / trickuri
  ☆144Updated 2 years ago
• dxa4481 / CORS
  JSON API's Are Automatically Protected Against CSRF, And Google Almost Took It Away.
  ☆34Updated 8 years ago
• shapesecurity / salvation
  Parse Content Security Policy headers, warn about policy errors, safely manipulate, render, and optimise policies
  ☆72Updated last week
• google / safe-html-types
  Security contract types
  ☆60Updated 3 years ago
• w3c / webappsec-fetch-metadata
  Fetch Metadata
  ☆75Updated 8 months ago
• mikewest / strict-csp-for-everyone
  This is both a terrible and wonderful idea.
  ☆12Updated 6 years ago
• zaproxy / zest
  ☆107Updated last month
• hackvertor / MentalJS
  JavaScript parser and sandbox
  ☆79Updated 9 years ago
• lyft / high-entropy-string
  A library for classifying strings as potential secrets.
  ☆64Updated 4 years ago
• ouspg / trytls
  Does ​your​ library check TLS certificates properly?
  ☆79Updated 2 years ago
• lunixbochs / pingbin
  service to check internet accessibility
  ☆42Updated last year
• google / csp-evaluator
  ☆374Updated 9 months ago
• WICG / csp-next
  A Modest Content Security Proposal
  ☆40Updated 4 years ago
• hannob / vulns
  Named vulnerabilities and their practical impact
  ☆436Updated 3 years ago
• h3xstream / burp-retire-js
  Burp/ZAP/Maven extension that integrate Retire.js repository to find vulnerable Javascript libraries.
  ☆209Updated last year
• mandatoryprogrammer / tarnish
  A Chrome extension static analysis tool to help aide in security reviews.
  ☆159Updated 2 years ago
• mikesamuel / attack-review-testbed
  Make it easy to probe the strengths and weaknesses of a hardened Node.js stack
  ☆19Updated 6 years ago
• lc / secretz
  secretz, minimizing the large attack surface of Travis CI
  ☆327Updated 3 years ago
• justinsteven / advisories
  ☆273Updated 2 years ago
• TheRook / nsshell
  A DNS connectback shell executed by strings in payloads.txt
  ☆102Updated 2 years ago
• dxa4481 / Damn-Vulnerable-Redis-Container
  An example of obtaining RCE via Redis and CSRF
  ☆76Updated 9 years ago
• hannob / tls-what-can-go-wrong
  TLS - what can go wrong?
  ☆108Updated 7 years ago