juerkkil / secheadersLinks
Python script to check HTTP security headers
☆66Updated this week
Alternatives and similar repositories for secheaders
Users that are interested in secheaders are comparing it to the libraries listed below
Sorting:
- ASN reconnaissance script☆129Updated last year
- AWS Security Checks☆40Updated 7 years ago
- Enhanced fork with logging, OpenAPI 3.0 and Python 3 for security monitoring workshops☆42Updated last year
- A tool geared towards pentesting APIs using OpenAPI definitions.☆179Updated 2 years ago
- Find the remote website version based on a git repository☆126Updated 4 years ago
- ☆71Updated 4 years ago
- The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters☆103Updated last year
- Weaponizing Live CT logs for automated monitoring of assets☆135Updated 3 years ago
- Python utility to takeover domains vulnerable to AWS NS Takeover☆87Updated 2 years ago
- FockCache - Minimalized Test Cache Poisoning☆110Updated 5 years ago
- Ugly Duckling is a lightweight scanner built specifically for our Crowdsource community to submit proof-of-concept modules☆188Updated 3 years ago
- A colorful cross-platform python script to test misconfigurations of AWS S3 buckets both through authenticated and unauthenticated checks…☆39Updated 4 years ago
- Paramalyzer - Burp extension for parameter analysis of large-scale web application penetration tests.☆157Updated last month
- This repository contains an example Python API that is vulnerable to several different web API attacks.☆70Updated last year
- A collection of response templates for invalid bug bounty reports.☆91Updated 7 years ago
- MetaSec.js combines all the free open-source security tools to identify issues with JavaScript and automates the boring parts☆81Updated 2 years ago
- All-in-one AWS S3 bucket tool for pentesters.☆74Updated 6 years ago
- ☆58Updated 4 years ago
- Cross Origin Resource Sharing MisConfiguration Scanner☆174Updated 3 years ago
- Takeover subdomains using AWS dangling elastic ips and have a working POC for Subdomain Takeover.☆92Updated last month
- ☆52Updated 6 months ago
- A very vulnerable implementation of a GraphQL API.☆61Updated 3 years ago
- GraphQL security testing tool☆123Updated 3 years ago
- BurpSuite using the document and some extensions☆69Updated 5 years ago
- The OWASP Testing Guide includes a "best practice" penetration testing framework which users can implement in their own organizations and…☆77Updated 5 years ago
- ☆76Updated 4 years ago
- ☆23Updated 3 years ago
- ☆28Updated 6 years ago
- Find subdomains and takeovers.☆85Updated 2 years ago
- Pentesting/Bugbounty Dockerfiles.☆177Updated 4 years ago