Alternatives and similar repositories for threadfix

Users that are interested in threadfix are comparing it to the libraries listed below

• jtmelton / appsensor
  A toolkit for building self-defending applications through real-time event detection and response
  ☆284Updated 2 years ago
• mozilla / seasponge
  SeaSponge is an accessible threat modelling tool from Mozilla
  ☆279Updated 7 years ago
• fastly / ftw
  Framework for Testing WAFs (FTW!)
  ☆266Updated 2 years ago
• thesp0nge / owasp-orizon
  Owasp Orizon is a source code static analyzer tool designed to spot security issues in Java applications.
  ☆144Updated 8 years ago
• mike-goodwin / owasp-threat-dragon
  An open source, online threat modelling tool from OWASP
  ☆486Updated last month
• WithSecureOpenSource / mittn
  Mittn: Security test tool runner for test automation in CI
  ☆196Updated last year
• aparsons / bag-of-holding
  An application to assist in the organization and prioritization of software security activities.
  ☆139Updated 4 years ago
• OWASP / Maturity-Models
  Node application to help managing Maturity Models like the ones created by BSIMM and OpenSAMM
  ☆195Updated 7 years ago
• mozilla / Garmr
  INACTIVE - Security Testing Tool
  ☆107Updated 9 years ago
• vulndb / data
  User, contributor and developer friendly vulnerability database
  ☆128Updated 6 years ago
• johndekroon / serializekiller
  Mass scanner for the Java serialize bug
  ☆152Updated 2 months ago
• stevespringett / threatmodel-sdk
  A Java library for parsing and programmatically using threat models
  ☆81Updated 2 years ago
• OWASP / owasp-summit-2017
  Content for OWASP Summit 2017 site
  ☆128Updated 4 years ago
• codedx / codepulse
  Code Pulse is a real-time code coverage tool for penetration testing activities
  ☆122Updated 2 years ago
• mozilla / minion
  Minion
  ☆355Updated 6 years ago
• tomsteele / burpbuddy
  burpbuddy exposes Burp Suites's extender API over the network through various mediums, with the goal of enabling development in any langu…
  ☆157Updated 6 years ago
• victims / victims-cve-db
  CVE database store
  ☆132Updated 4 years ago
• AlienVault-OTX / ApiV2
  Version 2 of the ThreatCrowd API
  ☆270Updated 2 years ago
• siberas / watobo
  ☆90Updated this week
• DinisCruz / Book_SecDevOps_Risk_Workflow
  Content for 'JIRA Risk Project' book published at LeanPub
  ☆57Updated 7 years ago
• scovetta / yasca
  Yet Another Source Code Analyzer
  ☆184Updated 3 years ago
• kost / dockscan
  dockscan is security vulnerability and audit scanner for Docker installations
  ☆219Updated 9 years ago
• ChrisRimondi / VulntoES
  Vulnerability Data in ES
  ☆145Updated 7 years ago
• salesforce / vulnreport
  Open-source pentesting management and automation platform by Salesforce Product Security
  ☆599Updated 3 years ago
• GDSSecurity / GDS-PMD-Security-Rules
  Custom security ruleset for the popular Java static analysis tool PMD.
  ☆61Updated 9 years ago
• KvasirSecurity / Kvasir
  Kvasir: Penetration Test Data Management
  ☆430Updated 6 years ago
• OWASP / OWASP-Testing-Guide
  OWASP Testing Guide
  ☆110Updated 9 years ago
• sethlaw / sputr
  Security Payload Unit Test Repository (SPUTR)
  ☆86Updated 2 years ago
• foospidy / DbDat
  Db Database Assessment Tool
  ☆210Updated 7 years ago
• hakbot / hakbot-origin-controller
  Vendor-Neutral Security Tool Automation Controller (over REST)
  ☆28Updated 6 years ago