Alternatives and similar repositories for threadfix:

Users that are interested in threadfix are comparing it to the libraries listed below

• mozilla / seasponge
  SeaSponge is an accessible threat modelling tool from Mozilla
  ☆278Updated 7 years ago
• OWASP / Maturity-Models
  Node application to help managing Maturity Models like the ones created by BSIMM and OpenSAMM
  ☆193Updated 6 years ago
• jtmelton / appsensor
  A toolkit for building self-defending applications through real-time event detection and response
  ☆280Updated 2 years ago
• stevespringett / threatmodel-sdk
  A Java library for parsing and programmatically using threat models
  ☆79Updated 2 years ago
• fastly / ftw
  Framework for Testing WAFs (FTW!)
  ☆266Updated last year
• thesp0nge / owasp-orizon
  Owasp Orizon is a source code static analyzer tool designed to spot security issues in Java applications.
  ☆144Updated 8 years ago
• tomsteele / burpbuddy
  burpbuddy exposes Burp Suites's extender API over the network through various mediums, with the goal of enabling development in any langu…
  ☆157Updated 6 years ago
• vulndb / data
  User, contributor and developer friendly vulnerability database
  ☆129Updated 6 years ago
• aparsons / bag-of-holding
  An application to assist in the organization and prioritization of software security activities.
  ☆139Updated 3 years ago
• johndekroon / serializekiller
  Mass scanner for the Java serialize bug
  ☆151Updated 6 years ago
• WithSecureOpenSource / mittn
  Mittn: Security test tool runner for test automation in CI
  ☆195Updated last year
• mozilla / Garmr
  INACTIVE - Security Testing Tool
  ☆107Updated 9 years ago
• mike-goodwin / owasp-threat-dragon
  An open source, online threat modelling tool from OWASP
  ☆483Updated 9 months ago
• victims / victims-cve-db
  CVE database store
  ☆132Updated 4 years ago
• KvasirSecurity / Kvasir
  Kvasir: Penetration Test Data Management
  ☆427Updated 6 years ago
• codedx / codepulse
  Code Pulse is a real-time code coverage tool for penetration testing activities
  ☆122Updated 2 years ago
• ChrisRimondi / VulntoES
  Vulnerability Data in ES
  ☆146Updated 7 years ago
• foospidy / GrepBugs
  A regex based source code scanner.
  ☆129Updated 8 years ago
• OWASP / owasp-summit-2017
  Content for OWASP Summit 2017 site
  ☆128Updated 4 years ago
• salesforce / vulnreport
  Open-source pentesting management and automation platform by Salesforce Product Security
  ☆597Updated 3 years ago
• spoofzu / DeepViolet
  Tool for introspection of SSL\TLS sessions
  ☆139Updated 4 months ago
• lightbulb-framework / lightbulb-framework
  Tools for auditing WAFS
  ☆460Updated 4 years ago
• Contrast-Security-OSS / contrast-rO0
  A tiny Java agent that blocks attacks against unsafe deserialization
  ☆83Updated 7 years ago
• scovetta / yasca
  Yet Another Source Code Analyzer
  ☆184Updated 3 years ago
• openstack-archive / syntribos
  Python API security testing tool from OpenStack Security Group
  ☆278Updated 4 years ago
• sethlaw / sputr
  Security Payload Unit Test Repository (SPUTR)
  ☆86Updated 2 years ago
• NetsOSS / headless-burp
  Automate security tests using Burp Suite.
  ☆226Updated 10 months ago
• siberas / watobo
  ☆90Updated 3 months ago
• honeynet / beeswarm
  Honeypot deployment made easy
  ☆235Updated 6 years ago
• Morningstar / GoASQ
  General Open Architecture Security Questionnaire
  ☆32Updated last year