Alternatives and similar repositories for AppSec-Detection-Framework

Users that are interested in AppSec-Detection-Framework are comparing it to the libraries listed below

• trufflesecurity / WhoAmISlack
  Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.
  ☆41Updated last year
• franksec42 / Vulnerability-management-maturity
  Maturity Model Collaborative project
  ☆15Updated 2 years ago
• tenable / hidden-services-revealer
  ☆35Updated 9 months ago
• P3tra-WP / Jupyter-Threat
  ☆14Updated 2 years ago
• kerberosmansour / InfoSecOpenAIExamples
  InfoSec OpenAI Examples
  ☆19Updated last year
• semgrep-old / rules-owasp-asvs
  Semgrep rules corresponding to the OWASP ASVS standard
  ☆27Updated 4 years ago
• Outpost24 / outpost24-cors-check
  Additional active scan checks for BURP
  ☆27Updated 7 months ago
• ghostsecurity / waf-btk
  WAF bypass PoC
  ☆47Updated last year
• OpenSecuritySummit / project-ASVS-User-Stories
  ☆18Updated 3 years ago
• hac01 / gcp-iam-brute
  ☆47Updated 11 months ago
• piercing-index / cloud-vulnerabilities
  ☆41Updated 2 months ago
• Whitespots-OU / security-requirements-generator
  A small tool to help developers understand a huge set of security requirements from appsec teams
  ☆45Updated 2 years ago
• JupiterOne-Archives / j1nuclei
  ☆14Updated last year
• nccgroup / ccs
  ☆110Updated last year
• mllamazares / vulncov
  🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM.
  ☆39Updated 5 months ago
• offensive-terraform / terraform-aws-ec2-kali-linux
  Offensive Terraform module which creates Kali Linux from the AWS marketplace and installs cloud security tools (Pacu, Cloudsplaining, Sco…
  ☆18Updated 4 years ago
• rusakovichma / TicTaaC
  Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. …
  ☆64Updated 10 months ago
• domain-protect / domain-protect-gcp
  Protect against subdomain takeover
  ☆92Updated 11 months ago
• vectra-ai-research / log4j-aws-sandbox
  A set of AWS resources for testing the Log4Shell vulnerability, deployable with terraform
  ☆12Updated 3 years ago
• GangGreenTemperTatum / DOMspy
  A web security research tool for DOM testing
  ☆21Updated this week
• groovyBugify / aws-security-mcp
  A Model Context Protocol server that connects AI assistants like Claude to AWS security services, allowing them to autonomously query, in…
  ☆42Updated 2 weeks ago
• doyensec / PESD-Exporter-Extension
  PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams
  ☆105Updated 3 months ago
• modulexcite / attacking-and-auditing-docker-containers-and-kubernetes-clusters
  Appsecco training course content on Attacking and Auditing Dockers Containers and Kubernetes Clusters
  ☆14Updated 5 years ago
• stephenbradshaw / aws_url_signer
  POC tool to create signed AWS API GET requests to bypass Guard Duty alerting of off-instance credential use via SSRF
  ☆58Updated last year
• DevSlop / pixi-crs
  CI Pipeline with Pixi, the WAF OWASP Core Rule Set and TestCafe tests.
  ☆15Updated 3 years ago
• dagheyman / awesome-product-security
  📚A curated list of product security resources.
  ☆19Updated 2 years ago
• xvnpw / sec-docs
  An experimental project using LLM technology to generate security documentation for Open Source Software (OSS) projects
  ☆28Updated 2 months ago
• nicolasriverocorvalan / cloud-sniper
  Virtual Security Operations Center
  ☆50Updated last year
• r3volved / CVEAggregate
  Build a CVE library with aggregated CISA, EPSS and CVSS data
  ☆27Updated last year
• AdnaneKhan / ActionsTOCTOU
  Example repository for GitHub Actions Time of Check to Time of Use (TOCTOU vulnerabilities)
  ☆23Updated 2 weeks ago