Alternatives and similar repositories for OWAAT

Users that are interested in OWAAT are comparing it to the libraries listed below

• hdm / 2017-BSidesLV-Modern-Recon
  Materials related to the 2017 BSides Las Vegas presentation
  ☆52Updated 4 years ago
• RUB-NDS / BurpSSOExtension
  An extension for BurpSuite that highlights SSO messages in Burp's proxy window..
  ☆117Updated 4 years ago
• GoSecure / csp-auditor
  Burp and ZAP plugin to analyse Content-Security-Policy headers or generate template CSP configuration from crawling a Website
  ☆138Updated 5 years ago
• hakbot / hakbot-origin-controller
  Vendor-Neutral Security Tool Automation Controller (over REST)
  ☆28Updated 5 years ago
• dsopas / rfd-checker
  RFD Checker - security CLI tool to test Reflected File Download issues
  ☆61Updated 6 years ago
• the-bumble / Burp-Scanner-OOB-Checks
  This is a Burp extension for adding additional payloads to active scanner that require out-of-band validation. Works great with XSSHunter
  ☆20Updated 8 years ago
• viperbluff / PortWitness
  Tool for checking Whether a domain or its multiple sub-domains are up and running.
  ☆72Updated 6 years ago
• Coalfire-Research / sqlinator
  Automatically forward HTTP GET & POST requests to SQLMap's API to test for SQLi and XSS
  ☆83Updated 2 years ago
• SpiderLabs / burplay
  Burplay is a Burp Extension allowing for replaying any number of requests using same modifications definition. Its main purpose is to aid…
  ☆82Updated 7 years ago
• aurainfosec / burp-multi-browser-highlighting
  Highlight Burp proxy requests made by different browsers
  ☆30Updated 7 years ago
• ZephrFish / bug-bounty-reference
  Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature
  ☆25Updated 8 years ago
• michenriksen / bucketlist
  Amazon S3 bucket spelunking!
  ☆86Updated 7 years ago
• radicallyopensecurity / pentesting-scripts
  Scripts that we use for pentesting
  ☆42Updated 8 years ago
• iriusrisk / RopeyTasks
  Deliberately vulnerable web application
  ☆22Updated 7 years ago
• tomsteele / burpstaticscan
  Use burp's JS static code analysis on code from your local system.
  ☆42Updated 8 years ago
• sethlaw / sputr
  Security Payload Unit Test Repository (SPUTR)
  ☆86Updated 2 years ago
• integrissecurity / carbonator
  Integris Security Carbonator - The Burp Suite Pro extension that automates scope, spider & scan from the command line. Carbonator helps a…
  ☆74Updated 7 years ago
• RUB-NDS / SAML-XXE-Test
  Simple XXE test suite generated specifically for SAML interfaces
  ☆22Updated 6 years ago
• nccgroup / JDSer-ngng
  A Burp Extender plugin, that will deserialized java objects and encode them in XML using the Xtream library.
  ☆26Updated 10 years ago
• Intrinsec / comission
  WhiteBox CMS analysis
  ☆69Updated last year
• AppSecConsulting / Pentest-Tools
  Penetration Testing Tools Developed by AppSec Consulting.
  ☆48Updated 6 years ago
• godinezj / metasploit-framework
  Metasploit Framework
  ☆25Updated 7 years ago
• NetSPI / SpoofSpotter
  A tool to catch spoofed NBNS responses.
  ☆50Updated 6 years ago
• hvqzao / report-ng
  Generate MS Word template-based reports with HP WebInspect / Burp Suite Pro input, own custom data and knowledge base.
  ☆67Updated last year
• B34MR / smbShakedown
  A simplified SMB Email Client Attack script used for pentests.
  ☆30Updated 6 years ago
• yolosec / deserialize-server
  Demo server for testing Java deserialization payloads
  ☆15Updated 8 years ago
• iriusrisk / resty-burp
  REST/JSON interface to Burp Suite
  ☆33Updated 4 years ago
• jgamblin / nmaptable
  Transform NMap Scans to an D3.js HTML Table
  ☆59Updated 7 years ago
• nccgroup / dotnetpaddingoracle
  Python Implementation of a .NET Padding Oracle Assessment Tool
  ☆30Updated 9 years ago
• gr4ym4ntx / attackintel
  A python script to query the MITRE ATT&CK API for tactics, techniques, mitigations, & detection methods for specific threat groups.
  ☆66Updated 6 years ago