Alternatives and similar repositories for attack-surface-analyzer

Users that are interested in attack-surface-analyzer are comparing it to the libraries listed below

• we45 / orchestron-community
  Orchestron is an Application Vulnerability Management and Correlation Tool.Orchestron helps you solve one key problem "Find and fix vulne…
  ☆31Updated 2 years ago
• torque59 / AWS-Vulnerable-Lambda
  An AWS Lambda vulnerable application written in flask.
  ☆48Updated 7 years ago
• DevSlop / pixi-crs
  CI Pipeline with Pixi, the WAF OWASP Core Rule Set and TestCafe tests.
  ☆15Updated 3 years ago
• HBOCodeLabs / gimme-aws-creds
  A CLI that utilizes Okta IdP via SAML to acquire temporary AWS credentials
  ☆10Updated 3 years ago
• random-robbie / metadata-one-liners
  retrive metadata endpoint data with these one liners.
  ☆38Updated 4 years ago
• PortSwigger / aws-security-checks
  AWS Security Checks
  ☆39Updated 7 years ago
• dxa4481 / AttackingAndDefendingTheGCPMetadataAPI
  This repo gives an overview of some GCP metadata API attack and defend patterns
  ☆76Updated 5 years ago
• secdec / attack-surface-detector-zap
  The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters
  ☆63Updated 2 years ago
• maK- / scanomaly-2years
  This is a web application fuzzer scanner - the goal was CLI flexibility and rapid prototyping
  ☆48Updated 5 years ago
• EdOverflow / h1-cli
  A CLI tool to interact with hackerone.com. This was my submission for HackerOne's Summer 2018 Hack Day.
  ☆39Updated 6 years ago
• BountyMachine / about
  A central place to keep track of relevant BountyMachine talks, blogs, and interesting things!
  ☆33Updated 6 years ago
• semgrep-old / rules-owasp-asvs
  Semgrep rules corresponding to the OWASP ASVS standard
  ☆27Updated 4 years ago
• nccgroup / s3_objects_check
  Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.
  ☆76Updated 3 years ago
• lanmaster53 / cef
  Proof-of-concept CORS exploitation tool.
  ☆35Updated 5 years ago
• snyff / oauthsecurity
  OAuth Security Cheatsheet
  ☆40Updated 11 years ago
• disruptops / IncidentResponseGenerator
  Updated incident response generator for training classes
  ☆44Updated 3 years ago
• OWASP / owasp-cstg
  ☆36Updated 4 years ago
• franksec42 / Vulnerability-management-maturity
  Maturity Model Collaborative project
  ☆15Updated 2 years ago
• andresriancho / vpc-vpn-pivot
  Pivot into private VPC networks using a VPN connection
  ☆42Updated 5 years ago
• pownjs / leaks
  Extensive code infrastructure for finding unintended information leaks in files, git repositories and much more.
  ☆28Updated 2 years ago
• SmeegeSec / Burp-Importer
  Burp Suite Importer - Connect to multiple web servers while populating the sitemap.
  ☆48Updated 5 years ago
• ShadowHatesYou / whori.sh
  Zone transfers for rwhois
  ☆20Updated 6 years ago
• lc / cspparse
  A tool to evaluate Content Security Policies.
  ☆71Updated 4 years ago
• randorisec / talks
  Security conferences talks
  ☆25Updated 4 years ago
• securityMB / burp-exceptions
  Simple trick to increase readability of exceptions raised by Burp extensions written in Python
  ☆43Updated 8 years ago
• kelbyludwig / saml-attack-surface
  ☆29Updated 8 years ago
• nightwatchcybersecurity / cloud_metadata_ips
  List of special metadata IPs used in cloud services
  ☆11Updated 5 years ago
• burp-hash / burp-hash
  ☆32Updated 9 years ago
• ttarvis / glasgo
  A Security Scanner for Go
  ☆26Updated 6 years ago
• 0xdevalias / gopherblazer
  PoC's and Slides from 'Gophers, whales and.. clouds? Oh my!' BSides Wellington presentation by Glenn 'devalias' Grant
  ☆16Updated 7 years ago