Alternatives and similar repositories for threadfix:

Users that are interested in threadfix are comparing it to the libraries listed below

• mozilla / seasponge
  SeaSponge is an accessible threat modelling tool from Mozilla
  ☆278Updated 6 years ago
• aparsons / bag-of-holding
  An application to assist in the organization and prioritization of software security activities.
  ☆138Updated 3 years ago
• WithSecureOpenSource / mittn
  Mittn: Security test tool runner for test automation in CI
  ☆195Updated last year
• thesp0nge / owasp-orizon
  Owasp Orizon is a source code static analyzer tool designed to spot security issues in Java applications.
  ☆144Updated 7 years ago
• OWASP / Maturity-Models
  Node application to help managing Maturity Models like the ones created by BSIMM and OpenSAMM
  ☆193Updated 6 years ago
• jtmelton / appsensor
  A toolkit for building self-defending applications through real-time event detection and response
  ☆280Updated 2 years ago
• fastly / ftw
  Framework for Testing WAFs (FTW!)
  ☆265Updated last year
• stevespringett / threatmodel-sdk
  A Java library for parsing and programmatically using threat models
  ☆79Updated 2 years ago
• OWASP / owasp-summit-2017
  Content for OWASP Summit 2017 site
  ☆128Updated 4 years ago
• mike-goodwin / owasp-threat-dragon
  An open source, online threat modelling tool from OWASP
  ☆483Updated 8 months ago
• johndekroon / serializekiller
  Mass scanner for the Java serialize bug
  ☆151Updated 6 years ago
• tomsteele / burpbuddy
  burpbuddy exposes Burp Suites's extender API over the network through various mediums, with the goal of enabling development in any langu…
  ☆157Updated 6 years ago
• vulndb / data
  User, contributor and developer friendly vulnerability database
  ☆129Updated 6 years ago
• mozilla / Garmr
  INACTIVE - Security Testing Tool
  ☆106Updated 9 years ago
• victims / victims-cve-db
  CVE database store
  ☆130Updated 4 years ago
• GDSSecurity / GDS-PMD-Security-Rules
  Custom security ruleset for the popular Java static analysis tool PMD.
  ☆61Updated 9 years ago
• seccubus / seccubus
  Easy automated vulnerability scanning, reporting and analysis
  ☆702Updated 5 years ago
• scovetta / yasca
  Yet Another Source Code Analyzer
  ☆183Updated 3 years ago
• iriusrisk / bdd-security
  BDD Automated Security Tests for Web Applications
  ☆565Updated 2 years ago
• NetsOSS / headless-burp
  Automate security tests using Burp Suite.
  ☆225Updated 8 months ago
• salesforce / vulnreport
  Open-source pentesting management and automation platform by Salesforce Product Security
  ☆595Updated 3 years ago
• mozilla / minion
  Minion
  ☆354Updated 5 years ago
• h3xstream / burp-retire-js
  Burp/ZAP/Maven extension that integrate Retire.js repository to find vulnerable Javascript libraries.
  ☆202Updated 8 months ago
• jenkinsci / zap-plugin
  The OWASP ZAP Jenkins Plugin extends the functionality of the ZAP security tool into a CI Environment.
  ☆58Updated 5 months ago
• spoofzu / DeepViolet
  Tool for introspection of SSL\TLS sessions
  ☆139Updated 2 months ago
• sethlaw / sputr
  Security Payload Unit Test Repository (SPUTR)
  ☆86Updated last year
• toolswatch / vFeed
  The Correlated CVE Vulnerability And Threat Intelligence Database API
  ☆940Updated 3 years ago
• hdiv / hdiv
  Hdiv CE | Application Self-Protection
  ☆214Updated 2 months ago
• codedx / codepulse
  Code Pulse is a real-time code coverage tool for penetration testing activities
  ☆119Updated 2 years ago
• KvasirSecurity / Kvasir
  Kvasir: Penetration Test Data Management
  ☆427Updated 6 years ago