google / security-crawl-maze
Security Crawl Maze is a comprehensive testbed for web security crawlers. It contains pages representing many ways in which one can link resources from a valid HTML document.
☆155Updated 8 months ago
Related projects ⓘ
Alternatives and complementary repositories for security-crawl-maze
- Vulncode-DB project☆575Updated 2 years ago
- Generic SAST Library☆124Updated this week
- OpenAPI 2.0 (Swagger) fuzzer written in python. Basically TnT for your API.☆110Updated last year
- A pytest-inspired, DAST framework, capable of identifying vulnerabilities in a distributed, micro-service ecosystem through chaos enginee…☆209Updated 6 months ago
- HTTPWookiee is an HTTP server and proxy stress tool (respect of RFC, HTTP Smuggling issues, etc). If you run an HTTP server project conta…☆49Updated 6 years ago
- XS-Leaks Wiki☆150Updated 2 months ago
- A simple SSRF-testing sheriff written in Go☆315Updated last week
- Burp and ZAP plugin to analyse Content-Security-Policy headers or generate template CSP configuration from crawling a Website☆136Updated 4 years ago
- A tool to perform Sequential Import Chaining☆254Updated 5 years ago
- ☆175Updated 3 months ago
- Finding potential software vulnerabilities from git commit messages☆395Updated last year
- Cure53 Browser Security White Paper☆286Updated 6 years ago
- ☆252Updated 3 years ago
- research☆150Updated 7 months ago
- ☆173Updated 3 weeks ago
- API Fuzzer which allows to fuzz request attributes using common pentesting techniques and lists vulnerabilities☆387Updated 7 years ago
- Benchmarking repo for secrets scanning☆228Updated 2 months ago
- Security contract types☆61Updated 2 years ago
- The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas…☆141Updated 7 months ago
- A Node.js vulnerability finding tool.☆95Updated 4 years ago
- secretz, minimizing the large attack surface of Travis CI☆321Updated 2 years ago
- A tiny and cute URL fuzzer☆387Updated last year
- ☆231Updated 4 months ago
- Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.0, purl, and vers…☆96Updated this week
- A cross-platform browser fuzzing framework☆304Updated this week
- A tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.☆553Updated last year
- ☆329Updated last week
- Go Web Application Penetration Test☆340Updated last month
- SHELLING - a comprehensive OS command injection payload generator☆105Updated 5 years ago