Alternatives and similar repositories for automatic-api-attack-tool

Users that are interested in automatic-api-attack-tool are comparing it to the libraries listed below

• fcavallarin / domdig
  DOM XSS scanner for Single Page Applications
  ☆411Updated 3 weeks ago
• Fuzzapi / API-fuzzer
  API Fuzzer which allows to fuzz request attributes using common pentesting techniques and lists vulnerabilities
  ☆397Updated 7 years ago
• PortSwigger / http-request-smuggler
  ☆998Updated last week
• nccgroup / BurpSuiteHTTPSmuggler
  A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques
  ☆723Updated 6 years ago
• PortSwigger / autowasp
  BurpSuite Extension: A one-stop pen testing checklist and logger tool
  ☆266Updated 2 years ago
• Fuzzapi / fuzzapi
  Fuzzapi is a tool used for REST API pentesting and uses API_Fuzzer gem
  ☆656Updated 4 years ago
• MindPatch / scant3r
  ScanT3r - Module based Bug Bounty Automation Tool ( use Lotus instead github.com/bugBlocker/lotus )
  ☆687Updated 2 weeks ago
• weev3 / LKWA
  Lesser Known Web Attack Lab
  ☆331Updated 5 years ago
• appsecco / the-art-of-subdomain-enumeration
  This repository contains all the supplement material for the book "The art of sub-domain enumeration"
  ☆649Updated 6 years ago
• GoSecure / dtd-finder
  List DTDs and generate XXE payloads using those local DTDs.
  ☆631Updated last year
• vmware / burp-rest-api
  REST/JSON API to the Burp Suite security tool.
  ☆561Updated last year
• RhinoSecurityLabs / Swagger-EZ
  A tool geared towards pentesting APIs using OpenAPI definitions.
  ☆177Updated 2 years ago
• antichown / subdomain-takeover
  Subdomain Takeover Scanner | Subdomain Takeover Tool | by 0x94
  ☆363Updated 2 years ago
• 0xdekster / ReconNote
  Web Application Security Automation Framework which recons the target for various assets to maximize the attack surface for security prof…
  ☆414Updated 4 years ago
• yassineaboukir / sublert
  Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed b…
  ☆1,009Updated 4 years ago
• nccgroup / AutoRepeater
  Automated HTTP Request Repeating With Burp Suite
  ☆877Updated 3 years ago
• modzero / mod0BurpUploadScanner
  HTTP file upload scanner for Burp Proxy
  ☆488Updated last year
• visma-prodsec / confused
  Tool to check for dependency confusion vulnerabilities in multiple package management systems
  ☆725Updated 10 months ago
• SolomonSklash / chomp-scan
  A scripted pipeline of tools to streamline the bug bounty/penetration test reconnaissance phase, so you can focus on chomping bugs.
  ☆396Updated 5 years ago
• PortSwigger / xss-cheatsheet-data
  This repository contains all the XSS cheatsheet data to allow contributions from the community.
  ☆424Updated 3 weeks ago
• PortSwigger / backslash-powered-scanner
  Finds unknown classes of injection vulnerabilities
  ☆687Updated last month
• mhmdiaa / second-order
  Second-order subdomain takeover scanner
  ☆403Updated last week
• jaeles-project / jaeles-signatures
  Default signature for Jaeles Scanner
  ☆322Updated 3 years ago
• mazen160 / jwt-pwn
  Security Testing Scripts for JWT
  ☆315Updated 2 years ago
• luisfontes19 / xxexploiter
  Tool to help exploit XXE vulnerabilities
  ☆563Updated 2 years ago
• BishopFox / smogcloud
  Find cloud assets that no one wants exposed 🔎 ☁️
  ☆345Updated 4 years ago
• Charlie-belmer / nosqli
  NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.
  ☆381Updated 3 years ago
• msrkp / PPScan
  Client Side Prototype Pollution Scanner
  ☆518Updated 2 years ago
• teknogeek / ssrf-sheriff
  A simple SSRF-testing sheriff written in Go
  ☆327Updated 7 months ago
• anshumanbh / tko-subs
  A tool that can help detect and takeover subdomains with dead DNS records
  ☆765Updated 4 years ago