A tool for analyzing the attack surface of an application
☆19Mar 5, 2025Updated 11 months ago
Alternatives and similar repositories for attack-surface-analyzer
Users that are interested in attack-surface-analyzer are comparing it to the libraries listed below
Sorting:
- Kantega Web Application Security Hero Challenge☆19Dec 3, 2020Updated 5 years ago
- ☆14Apr 23, 2019Updated 6 years ago
- An interactive way to learn threat modeling☆17Feb 14, 2019Updated 7 years ago
- Javascript Code Injection for Debugging☆20Nov 11, 2023Updated 2 years ago
- ☆21Sep 25, 2018Updated 7 years ago
- Caterpillar is a security scanning library for AI agent skill files (e.g., Claude Code skills) for dangerous or malicious behavior☆32Feb 16, 2026Updated last week
- This is a Burp extension for adding additional payloads to active scanner that require out-of-band validation. Works great with XSSHunter☆20Feb 16, 2017Updated 9 years ago
- Dynamic DNS Update Bruteforce Tool☆29Feb 8, 2017Updated 9 years ago
- OWASP ASVS Assessment Tool☆28Nov 6, 2018Updated 7 years ago
- ViewState Payload Generator☆26Aug 17, 2018Updated 7 years ago
- Equal Experts Secure Delivery Playbook☆26Feb 21, 2023Updated 3 years ago
- Demonstrates how a malicious dependency could negatively impact the build output.☆25Aug 11, 2023Updated 2 years ago
- ☆24Aug 9, 2022Updated 3 years ago
- Cloudformation Template and Lambda to detect if Instance Profile credentials are being used outside your AWS Account.☆29Aug 18, 2019Updated 6 years ago
- ☆27Feb 19, 2026Updated last week
- ☆28Aug 6, 2020Updated 5 years ago
- MCP Snitch is a macOS application that intercepts and monitors MCP server communications, providing security analysis, access control, an…☆93Oct 14, 2025Updated 4 months ago
- ☆34Aug 13, 2021Updated 4 years ago
- intentionally vulnerable API☆30Sep 10, 2024Updated last year
- Cracker for Apache.lang.commons RandomStringUtils(). Code for "The Java Soothsayer" talk at EkoParty 2017 by Alejo Popovici.☆33Mar 13, 2018Updated 7 years ago
- Spotter is a comprehensive Kubernetes security scanner that uses CEL-based rules to identify security vulnerabilities, misconfigurations,…☆71Sep 13, 2025Updated 5 months ago
- ☆36Apr 29, 2025Updated 10 months ago
- CVE-2020-5410 Spring Cloud Config directory traversal vulnerability☆31Jun 16, 2020Updated 5 years ago
- Kubernetes offensive framework built in eBPF☆39Mar 14, 2023Updated 2 years ago
- Pin designs for security related items☆37Feb 16, 2026Updated 2 weeks ago
- ☆83Dec 5, 2019Updated 6 years ago
- Easily create authenticated data structures☆43Apr 11, 2023Updated 2 years ago
- MetaSec.js combines all the free open-source security tools to identify issues with JavaScript and automates the boring parts☆82Feb 4, 2023Updated 3 years ago
- A comprehensive checklist and guide for organizations looking to implement a robust cybersecurity program☆46Feb 2, 2026Updated last month
- Fag ol fra mastern☆10Jul 3, 2019Updated 6 years ago
- CuanticoSecurity☆10Sep 7, 2016Updated 9 years ago
- Fork of edx-theme repository customized for gymnasium☆10Apr 14, 2021Updated 4 years ago
- Small Node CLI tool to extract active contributors on repos and orgs☆10Dec 6, 2022Updated 3 years ago
- A microframework based on fasthttp☆12Sep 26, 2023Updated 2 years ago
- Simple implementation of an AppSec Pipeline using the Gasp library☆13Sep 8, 2019Updated 6 years ago
- Create tar/zip archives that try to exploit zipslip vulnerability.☆48Sep 20, 2024Updated last year
- Data about all known supply-chain attacks through history☆63May 28, 2025Updated 9 months ago
- A tool to exploit the hash length extension attack in various hashing algorithms☆10Apr 14, 2014Updated 11 years ago
- Query CSV files with SQL.☆11Oct 15, 2018Updated 7 years ago