Alternatives and similar repositories for threadfix:

Users that are interested in threadfix are comparing it to the libraries listed below

• mozilla / seasponge
  SeaSponge is an accessible threat modelling tool from Mozilla
  ☆278Updated 6 years ago
• jtmelton / appsensor
  A toolkit for building self-defending applications through real-time event detection and response
  ☆280Updated 2 years ago
• thesp0nge / owasp-orizon
  Owasp Orizon is a source code static analyzer tool designed to spot security issues in Java applications.
  ☆144Updated 8 years ago
• OWASP / Maturity-Models
  Node application to help managing Maturity Models like the ones created by BSIMM and OpenSAMM
  ☆193Updated 6 years ago
• tomsteele / burpbuddy
  burpbuddy exposes Burp Suites's extender API over the network through various mediums, with the goal of enabling development in any langu…
  ☆157Updated 6 years ago
• aparsons / bag-of-holding
  An application to assist in the organization and prioritization of software security activities.
  ☆139Updated 3 years ago
• OWASP / owasp-summit-2017
  Content for OWASP Summit 2017 site
  ☆128Updated 4 years ago
• vulndb / data
  User, contributor and developer friendly vulnerability database
  ☆129Updated 6 years ago
• WithSecureOpenSource / mittn
  Mittn: Security test tool runner for test automation in CI
  ☆195Updated last year
• johndekroon / serializekiller
  Mass scanner for the Java serialize bug
  ☆151Updated 6 years ago
• stevespringett / threatmodel-sdk
  A Java library for parsing and programmatically using threat models
  ☆79Updated 2 years ago
• mozilla / Garmr
  INACTIVE - Security Testing Tool
  ☆106Updated 9 years ago
• Contrast-Security-OSS / contrast-rO0
  A tiny Java agent that blocks attacks against unsafe deserialization
  ☆83Updated 7 years ago
• salesforce / vulnreport
  Open-source pentesting management and automation platform by Salesforce Product Security
  ☆596Updated 3 years ago
• fastly / ftw
  Framework for Testing WAFs (FTW!)
  ☆265Updated last year
• spoofzu / DeepViolet
  Tool for introspection of SSL\TLS sessions
  ☆139Updated 3 months ago
• scovetta / yasca
  Yet Another Source Code Analyzer
  ☆183Updated 3 years ago
• NetsOSS / headless-burp
  Automate security tests using Burp Suite.
  ☆225Updated 9 months ago
• OWASP / glue
  Application Security Automation
  ☆529Updated last year
• sethlaw / sputr
  Security Payload Unit Test Repository (SPUTR)
  ☆86Updated 2 years ago
• victims / victims-cve-db
  CVE database store
  ☆132Updated 4 years ago
• openstack-archive / syntribos
  Python API security testing tool from OpenStack Security Group
  ☆278Updated 4 years ago
• seccubus / seccubus
  Easy automated vulnerability scanning, reporting and analysis
  ☆702Updated 5 years ago
• foxglovesec / JavaUnserializeExploits
  ☆492Updated 9 years ago
• h3xstream / burp-retire-js
  Burp/ZAP/Maven extension that integrate Retire.js repository to find vulnerable Javascript libraries.
  ☆203Updated 9 months ago
• codedx / codepulse
  Code Pulse is a real-time code coverage tool for penetration testing activities
  ☆122Updated 2 years ago
• toolswatch / vFeed
  The Correlated CVE Vulnerability And Threat Intelligence Database API
  ☆941Updated 3 years ago
• lightbulb-framework / lightbulb-framework
  Tools for auditing WAFS
  ☆458Updated 4 years ago
• KvasirSecurity / Kvasir
  Kvasir: Penetration Test Data Management
  ☆427Updated 6 years ago
• owasp-cloud-security / owasp-cloud-security
  OWASP Cloud Security - Enabling conversations through threat and control stories
  ☆179Updated 6 years ago