flipkart-incubator / Astra
Automated Security Testing For REST API's
☆2,556Updated 9 months ago
Alternatives and similar repositories for Astra:
Users that are interested in Astra are comparing it to the libraries listed below
- ASOC, ASPM, DevSecOps, Vulnerability Management Using ArcherySec.☆2,323Updated 5 months ago
- File upload vulnerability scanner and exploitation tool.☆3,180Updated last year
- Offensive Web Testing Framework (OWTF), is a framework which tries to unite great tools and make pen testing more efficient http://owtf.o…☆1,846Updated last week
- A toolkit for testing, tweaking and cracking JSON Web Tokens☆5,675Updated 7 months ago
- Fuzzapi is a tool used for REST API pentesting and uses API_Fuzzer gem☆649Updated 4 years ago
- gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, G…☆2,074Updated 8 months ago
- Server-Side Template Injection and Code Injection Detection and Exploitation Tool☆3,897Updated 11 months ago
- Scan for misconfigured S3 buckets across S3-compatible APIs!☆2,710Updated last week
- A curated list of amazingly awesome Burp Extensions☆3,105Updated last month
- SSRF (Server Side Request Forgery) testing resources☆2,394Updated 5 months ago
- Reconnaissance tool for GitHub organizations☆6,014Updated 2 years ago
- HTTP parameter discovery suite.☆5,520Updated last month
- Open Source Vulnerability Management Platform☆5,313Updated 2 weeks ago
- A Tool for Domain Flyovers☆5,732Updated 2 years ago
- Detect and bypass web application firewalls and protection systems☆2,742Updated 7 months ago
- Automatic SSRF fuzzer and exploitation tool☆3,126Updated last month
- This challenge is Inon Shkedy's 31 days API Security Tips.☆2,119Updated 2 years ago
- Web application fuzzer☆6,110Updated 7 months ago
- A python script that finds endpoints in JavaScript files☆3,870Updated 11 months ago
- A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and…☆3,766Updated 3 years ago
- Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.☆1,488Updated last year
- grep rough audit - source code auditing tool☆1,592Updated 3 months ago
- EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.☆5,219Updated 5 months ago
- Notes about attacking Jenkins servers☆2,038Updated 8 months ago
- CORS Misconfiguration Scanner☆1,394Updated 2 years ago
- Find leaked secrets via github search☆2,922Updated last month
- Generates permutations, alterations and mutations of subdomains and then resolves them☆2,394Updated 2 months ago
- DevSecOps, ASPM, Vulnerability Management. All on one platform.☆3,935Updated this week
- A Workflow Engine for Offensive Security☆5,533Updated last month
- WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.☆5,567Updated 2 months ago