Alternatives and similar repositories for Checkmarx-PowerTools

Users that are interested in Checkmarx-PowerTools are comparing it to the libraries listed below

• irsl / jackson-rce-via-spel
  An example project that exploits the default typing issue in Jackson-databind via Spring application contexts and expressions
  ☆124Updated 7 years ago
• appsecco / defcon-26-workshop-attacking-and-auditing-docker-containers
  DEF CON 26 Workshop - Attacking & Auditing Docker Containers Using Open Source
  ☆108Updated 6 years ago
• shubhamshubhankar / autoSource
  Automated SonarQube
  ☆70Updated 6 years ago
• 0ang3el / Unsafe-JAX-RS-Burp
  Burp Suite extension for JAX-RS
  ☆65Updated 8 years ago
• Morningstar / GoASQ
  General Open Architecture Security Questionnaire
  ☆32Updated 2 years ago
• aurainfosec / xss_payloads
  XSS payloads for edge cases
  ☆34Updated 7 years ago
• pinnace / burp-jwt-fuzzhelper-extension
  JWT Fuzzer for BurpSuite. Adds an Intruder hook for on-the-fly JWT fuzzing.
  ☆100Updated 6 years ago
• GrrrDog / ZeroNights-WebVillage-2017
  ☆71Updated 8 years ago
• vah13 / BurpCRLFPlugin
  Another plugin for CRLF vulnerability detection
  ☆26Updated 8 years ago
• jas502n / CVE-2019-8451
  Jira未授权SSRF漏洞
  ☆31Updated 6 years ago
• modzero / interestingFileScanner
  Burp extension
  ☆58Updated 7 years ago
• NetsOSS / headless-burp
  Automate security tests using Burp Suite.
  ☆232Updated last year
• DigitalInterruption / vulnerable-xss-app
  ☆38Updated 2 years ago
• GoSecure / break-fast-serial
  A proof of concept that demonstrates asynchronous scanning for Java deserialization bugs
  ☆55Updated 8 years ago
• andresriancho / websocket-fuzzer
  HTML5 WebSocket message fuzzer
  ☆148Updated 6 years ago
• wuntee / BurpAuthzPlugin
  ☆76Updated 12 years ago
• ssexxe / XXEBugFind
  A tool for detecting XML External Entity (XXE) vulnerabilities in Java applications
  ☆72Updated 11 years ago
• kugg / tclscan
  Scans tcl for command injection
  ☆36Updated 6 years ago
• augustd / burp-suite-error-message-checks
  Burp Suite extension to passively scan for applications revealing server error messages
  ☆65Updated last year
• NotSoSecure / cloud-sec-wiki
  Jekyll Files for cloudsecwiki.com
  ☆49Updated 4 years ago
• imagemlt / myQLrules
  some codeql rules
  ☆15Updated 5 years ago
• vah13 / Oracle-BI-bugs
  ☆34Updated 6 years ago
• dienuet / crossdomain
  CORS checking
  ☆34Updated 7 years ago
• TheTwitchy / vulnd_xxe
  A server vulnerable to XXE that can be used to test payloads using the xxer tool.
  ☆26Updated 7 years ago
• appsecco / json-flash-csrf-poc
  This repo contains the files required to perform a CSRF attack using Flash and HTTP 307 redirections.
  ☆77Updated 7 years ago
• NickstaDB / SerialBrute
  Java serialization brute force attack tool.
  ☆123Updated 8 years ago
• phantom0301 / PTEye
  Phantom eye——A passive business logic vulnerability auditing tool
  ☆55Updated 6 years ago
• ttffdd / XBadManners
  Tool for CVE-2018-16323
  ☆82Updated 6 years ago
• x41sec / BeanStack
  X41 BeanStack - Stack Trace Fingerprinting BETA
  ☆52Updated last week
• jas502n / CVE-2019-16278
  Directory transversal to remote code execution
  ☆69Updated 6 years ago