Alternatives and similar repositories for vuln-graphql-api:

Users that are interested in vuln-graphql-api are comparing it to the libraries listed below

• anunay-bhatt / secure-serverless-reference-architecture
  A walkthrough of security controls for a serverless architecture via a demo application
  ☆11Updated 2 years ago
• ivision-research / vulnerable-graphql-api
  A very vulnerable implementation of a GraphQL API.
  ☆57Updated 3 years ago
• amalmurali47 / onaws
  Fetch the details of assets hosted on AWS.
  ☆86Updated last year
• Ebryx / S3Rec0n
  A colorful cross-platform python script to test misconfigurations of AWS S3 buckets both through authenticated and unauthenticated checks…
  ☆39Updated 3 years ago
• NotSoSecure / cloud-sec-wiki
  Jekyll Files for cloudsecwiki.com
  ☆50Updated 3 years ago
• OWASP / www-project-appsec-pipeline
  OWASP Foundation Web Respository
  ☆10Updated last year
• R0X4R / Pinaak
  A vulnerability fuzzing tool written in bash, it contains the most commonly used tools to perform vulnerability scan
  ☆79Updated 3 years ago
• zapbot / zap-mgmt-scripts
  ZAP Management Scripts
  ☆21Updated last week
• sebastian-mora / AWS-Loot
  Pull secrets from an AWS environment
  ☆70Updated 4 years ago
• Contrast-Security-OSS / vulnerable-spring-boot-application
  ☆13Updated 9 months ago
• lmoratti / risky-records
  Given a list of domains and known IP and buckets that are owned, which might be susceptible to domain hijacking?
  ☆13Updated 4 months ago
• Frichetten / aws_api_shapeshifter
  A small library to alter AWS API requests; Used for fuzzing research
  ☆22Updated last year
• AbstractClass / CloudPrivs
  Determine privileges from cloud credentials via brute-force testing.
  ☆66Updated 5 months ago
• PortSwigger / nuclei-burp-integration
  Simple extension that allows to run nuclei scanner directly from burp and transforms json results into the issues.
  ☆27Updated last year
• intruder-io / param-miner
  Fork of https://github.com/PortSwigger/param-miner for header smuggling research
  ☆12Updated 3 years ago
• DigeeX / raider
  DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raider
  ☆138Updated 3 years ago
• dsecuredcom / yataf
  yataf extracts secrets and paths from files or urls - its best used against javascript files
  ☆51Updated 4 months ago
• mgreiler / code-reviews
  code reviews to practice
  ☆16Updated 3 years ago
• OWASP / www-project-cloud-native-application-security-top-10
  OWASP Foundation Web Respository
  ☆34Updated 4 months ago
• ghostsecurity / waf-btk
  WAF bypass PoC
  ☆46Updated last year
• shivsahni / NSDetect
  ☆22Updated 2 years ago
• assetnote / kitebuilder
  ☆23Updated 11 months ago
• Checkmarx / dustilock
  DustiLock is a tool to find which of your dependencies is susceptible to a Dependency Confusion attack.
  ☆35Updated 3 years ago
• xmendez / awsdigger
  AWS IAM resources search tool
  ☆20Updated 3 years ago
• Threagile / run-threagile-action
  GitHub action to run Threagile, the agile threat modeling toolkit, on a repo's threagile.yaml file
  ☆13Updated 8 months ago
• secureCodeBox / secureCodeBox-v2
  This Repository contains the stable beta preview of the next major secureCodeBox (SCB) release v2.0.0.
  ☆24Updated 4 years ago
• kaakaww / javaspringvulny
  javaspringvulny - a Spring Boot web application built wrong on purpose
  ☆19Updated this week
• P3tra-WP / Jupyter-Threat
  ☆14Updated 2 years ago
• synopsys-sig / ATOR-Burp
  ☆78Updated 9 months ago
• madhuakula / docker-security-checker
  Dockerfile Security Checker using OPA Rego policies with Conftest
  ☆59Updated 2 years ago