google / security-crawl-mazeLinks
Security Crawl Maze is a comprehensive testbed for web security crawlers. It contains pages representing many ways in which one can link resources from a valid HTML document.
☆162Updated last year
Alternatives and similar repositories for security-crawl-maze
Users that are interested in security-crawl-maze are comparing it to the libraries listed below
Sorting:
- Finding potential software vulnerabilities from git commit messages☆417Updated last year
- Generic SAST Library☆132Updated last month
- A pytest-inspired, DAST framework, capable of identifying vulnerabilities in a distributed, micro-service ecosystem through chaos enginee…☆223Updated last year
- ☆105Updated last month
- ☆365Updated 5 months ago
- OpenAPI 2.0 (Swagger) fuzzer written in python. Basically TnT for your API.☆111Updated 2 years ago
- Cure53 Browser Security White Paper☆297Updated 7 years ago
- A Node.js vulnerability finding tool.☆95Updated 4 years ago
- The request.bin of DNS request☆234Updated 7 years ago
- Application and Service Fingerprinting☆133Updated 2 years ago
- HTTPWookiee is an HTTP server and proxy stress tool (respect of RFC, HTTP Smuggling issues, etc). If you run an HTTP server project conta…☆50Updated 7 years ago
- XS-Leaks Wiki☆166Updated 2 months ago
- The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas…☆148Updated last year
- This repo gives an overview of some GCP metadata API attack and defend patterns☆76Updated 5 years ago
- research☆151Updated last year
- A Chrome extension static analysis tool to help aide in security reviews.☆157Updated last year
- secretz, minimizing the large attack surface of Travis CI☆327Updated 3 years ago
- Evenly distributes scanner load across targets☆90Updated 3 months ago
- Benchmarking repo for secrets scanning☆235Updated 11 months ago
- API Fuzzer which allows to fuzz request attributes using common pentesting techniques and lists vulnerabilities☆399Updated 8 years ago
- Go static analysis tool that checks for security issues using an AST.☆29Updated 6 years ago
- Companion labs to "An Exploration of JSON Interoperability Vulnerabilities"☆207Updated 2 years ago
- ☆181Updated 5 months ago
- ☆72Updated 3 years ago
- The DevSecOps toolset for REST APIs☆273Updated 2 years ago
- ☆74Updated 4 years ago
- Simple "postMessage logger" Chrome extension☆98Updated 5 years ago
- Unicode Security Guide☆120Updated 7 years ago
- Predict Mongo ObjectIds☆144Updated 7 years ago
- Chrome extension to aid in finding DOMXSS by simple taint analysis of string values.☆81Updated 6 years ago