google / security-crawl-maze
Security Crawl Maze is a comprehensive testbed for web security crawlers. It contains pages representing many ways in which one can link resources from a valid HTML document.
☆155Updated 9 months ago
Related projects ⓘ
Alternatives and complementary repositories for security-crawl-maze
- ☆330Updated 3 weeks ago
- Generic SAST Library☆125Updated last week
- A pytest-inspired, DAST framework, capable of identifying vulnerabilities in a distributed, micro-service ecosystem through chaos enginee…☆213Updated 6 months ago
- ☆102Updated last week
- Application and Service Fingerprinting☆131Updated last year
- A simple SSRF-testing sheriff written in Go☆316Updated 3 weeks ago
- OpenAPI 2.0 (Swagger) fuzzer written in python. Basically TnT for your API.☆110Updated last year
- Intentionally vulnerable Go web app.☆42Updated 11 months ago
- SHELLING - a comprehensive OS command injection payload generator☆107Updated 5 years ago
- Vulncode-DB project☆575Updated 2 years ago
- A Node.js vulnerability finding tool.☆95Updated 4 years ago
- API Fuzzer which allows to fuzz request attributes using common pentesting techniques and lists vulnerabilities☆387Updated 7 years ago
- A tiny and cute URL fuzzer☆387Updated 2 years ago
- The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas…☆141Updated 8 months ago
- secretz, minimizing the large attack surface of Travis CI☆321Updated 2 years ago
- Burp and ZAP plugin to analyse Content-Security-Policy headers or generate template CSP configuration from crawling a Website☆136Updated 4 years ago
- HTTP.ninja☆147Updated last year
- Finding potential software vulnerabilities from git commit messages☆397Updated last year
- A curated list of awesome browser security learning material.☆130Updated 2 years ago
- HTTPWookiee is an HTTP server and proxy stress tool (respect of RFC, HTTP Smuggling issues, etc). If you run an HTTP server project conta…☆49Updated 6 years ago
- Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.0, purl, and vers…☆98Updated this week
- Automate security tests using Burp Suite.☆223Updated 5 months ago
- This repository includes a set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard cer…☆280Updated 4 months ago
- A Chrome extension static analysis tool to help aide in security reviews.☆147Updated last year
- Benchmarking repo for secrets scanning☆229Updated 3 months ago
- OSS-Fuzz vulnerabilities for OSV.☆133Updated this week
- ☆175Updated 4 months ago
- A tool to perform Sequential Import Chaining☆254Updated 5 years ago
- Burp extension to detect alias traversal via NGINX misconfiguration at scale.☆253Updated 3 years ago
- Manual JavaScript Linting is a Bug☆49Updated 3 years ago