Alternatives and similar repositories for ato-checklist

Users that are interested in ato-checklist are comparing it to the libraries listed below

• tprynn / web-methodology
  Methodology for high-quality web application security testing - https://github.com/tprynn/web-methodology/wiki
  ☆203Updated 6 months ago
• domain-protect / domain-protect
  OWASP Domain Protect - prevent subdomain takeover
  ☆397Updated 4 months ago
• BishopFox / smogcloud
  Find cloud assets that no one wants exposed 🔎 ☁️
  ☆344Updated 4 years ago
• righteousgambit / quiet-riot
  Unauthenticated enumeration of AWS, Azure, and GCP Principals
  ☆231Updated 6 months ago
• BlazingWind / OWASP-ASVS-4.0-testing-guide
  ☆123Updated last year
• assetnote / ghostbuster
  Eliminate dangling elastic IPs by performing analysis on your resources within all your AWS accounts.
  ☆271Updated 7 months ago
• segmentio / threat-modeling-training
  Segment's Threat Modeling training for our engineers
  ☆243Updated 4 years ago
• duo-labs / secret-bridge
  Monitors Github for leaked secrets
  ☆198Updated 6 months ago
• mllamazares / STRIDE-vs-ASVS
  🖇️ STRIDE vs. ASVS equivalence table
  ☆76Updated 8 months ago
• WeAreCloudar / s3-account-search
  S3 Account Search
  ☆4Updated 6 months ago
• Santandersecurityresearch / DrHeader
  drHEADer helps with the audit of security headers received in response to a single request or a list of requests.
  ☆110Updated 4 months ago
• iknowjason / edge
  Recon tool for cloud provider attribution. Supports AWS, Azure, Google, Cloudflare, and Digital Ocean.
  ☆166Updated 6 months ago
• absoluteappsec / handouts
  materials we hand out
  ☆144Updated last month
• PaperMtn / slack-watchman
  Slack enumeration and exposed secrets detection tool
  ☆378Updated 4 months ago
• detectify / ugly-duckling
  Ugly Duckling is a lightweight scanner built specifically for our Crowdsource community to submit proof-of-concept modules
  ☆189Updated 3 years ago
• boringtools / git-alerts
  Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive files
  ☆218Updated last month
• Santandersecurityresearch / asvs
  A simple web app that helps developers understand the ASVS requirements.
  ☆157Updated 2 months ago
• edgeroute / security-champion-framework
  The Security Champion Framework provides both a measuring stick and a roadmap generator for Champion Programs.
  ☆108Updated last year
• lanrat / certgraph
  An open source intelligence tool to crawl the graph of certificate Alternate Names
  ☆350Updated last year
• BishopFox / dufflebag
  Search exposed EBS volumes for secrets
  ☆298Updated 2 years ago
• tadwhitaker / Security_Architect_and_Principal_Security_Engineer_Interview_Questions
  This is a companion to the Security Engineer Questions
  ☆202Updated last year
• riskprofiler / CloudFrontier
  Monitor the internet attack surface of various public cloud environments. Currently supports AWS, GCP, Azure, DigitalOcean and Oracle Clo…
  ☆124Updated last year
• cisagov / crossfeed
  External monitoring for organization assets
  ☆397Updated 11 months ago
• secmerc / materialize-threats
  ☆63Updated 2 years ago
• ihamburglar / Redboto
  Red Team Scripts for AWS.
  ☆168Updated 4 years ago
• opendevsecops / guide-aws-hacking
  This is an offensive guide to securing AWS infrastructures. The hope is that by knowing how to take advantage of various types of AWS wea…
  ☆172Updated 6 years ago
• nccgroup / sadcloud
  A tool for standing up (and tearing down!) purposefully insecure cloud infrastructure
  ☆701Updated last year
• iriusrisk / OpenThreatModel
  The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.
  ☆172Updated 5 months ago
• appsecco / attacking-cloudgoat2
  A step-by-step walkthrough of CloudGoat 2.0 scenarios.
  ☆134Updated 5 years ago
• firefart / hijagger
  Checks all maintainers of all NPM and Pypi packages for hijackable packages through domain re-registration
  ☆296Updated this week