Alternatives and similar repositories for webappsec-toolkit

Users that are interested in webappsec-toolkit are comparing it to the libraries listed below

• gwen001 / testxss
  PHP tool to test XSS
  ☆22Updated 6 years ago
• ZephrFish / AttackDeploy
  Scripts for Deploying new server
  ☆49Updated 9 months ago
• JacobReynolds / xssHunterExtension
  Chrome Extension for XSS Hunter Payloads
  ☆41Updated 9 years ago
• 0xSobky / XSSBuster
  XSSB is a proactive DOM sanitizer, defending against client-side injection attacks!
  ☆38Updated 7 years ago
• snyff / oauthsecurity
  OAuth Security Cheatsheet
  ☆41Updated 11 years ago
• rojan-rijal / Pyrate
  Practice Web App written in python with some vulnerabilities.
  ☆34Updated 4 years ago
• rojan-rijal / ReconUI
  Alpha version code of Recon UI
  ☆15Updated 7 years ago
• MrTaherAmine / pentest-management
  Simple webinterface combining different recon tools.
  ☆12Updated 7 years ago
• almroot / dnsresolvers
  A bash script that fetches and maintains thousands of DNS resolvers
  ☆65Updated 5 years ago
• PortSwigger / burp-smart-buster
  A Burp Suite content discovery plugin that add the smart into the Buster!
  ☆32Updated 8 years ago
• eur0pa / goGetBucket
  A penetration testing tool to enumerate and analyse Amazon S3 Buckets owned by a domain.
  ☆26Updated 7 years ago
• joda32 / CertCrunchy
  Just a silly recon tool that uses data from SSL Certificates to find potential host names
  ☆29Updated 2 years ago
• swarley7 / gograbber
  A horizontal and vertical web content enumerator
  ☆52Updated 7 years ago
• omercnet / BurpJDSer-ng
  BurpJDSer-ng
  ☆29Updated this week
• smiegles / crossdomain
  Exploit insecure crossdomain.xml files.
  ☆26Updated 8 years ago
• silentsignal / ActiveScan3Plus
  Modified version of ActiveScan++ Burp Suite extension
  ☆31Updated 9 years ago
• ChrisTruncer / mikto
  Script to automate, manage, and multithread Nikto scans.
  ☆63Updated 6 years ago
• twelvesec / BearerAuthToken
  This burpsuite extender provides a solution on testing Enterprise applications that involve security Authorization tokens into every HTTP…
  ☆47Updated 6 years ago
• PentesterLab / sectalks
  ☆12Updated 8 years ago
• skorov / subdomainator
  Stay on top of new domains! Bug bounty hunters can use this tool to receive Pushbullet notifications each time there is a new target subd…
  ☆26Updated 7 years ago
• incredibleindishell / Local-file-disclosure-SQL-Injection-Lab
  This is sample code to demonstrate how one can use SQL Injection vulnerability to download local file from server in specific condition. …
  ☆42Updated 8 years ago
• securelayer7 / Race-conditional-vulnerable-Web-application-
  This application is developed to test the race condition vulnerability in the web application. We have discussed about this vulnerability…
  ☆14Updated 9 years ago
• strawp / web-shells
  Web shells for use in penetration testing
  ☆41Updated 10 years ago
• dnet / burp-oauth
  OAuth plugin for Burp Suite Extender
  ☆43Updated 7 years ago
• ptonewreckin / BlindRef
  BlindRef serves as the basis for an automated Blind-Based XXE Exploitation Framework
  ☆26Updated 8 years ago
• rebootuser / Hashmash
  Hashmash is a tool to aid in generating hashes from user supplied values and Epochs
  ☆63Updated 9 years ago
• arvinddoraiswamy / ThickClientScripts
  My IDA scripts, tips and testing techniques for Thick Client applications.
  ☆17Updated 11 years ago
• SimplySecurity / simplydomain
  Subdomain brute force focused on speed and data serialization
  ☆75Updated 3 years ago
• lc / cspparse
  A tool to evaluate Content Security Policies.
  ☆71Updated 5 years ago
• SmeegeSec / Burp-Importer
  Burp Suite Importer - Connect to multiple web servers while populating the sitemap.
  ☆47Updated 5 years ago