Alternatives and similar repositories for tarnish

Users that are interested in tarnish are comparing it to the libraries listed below

• exploitprotocol / app-sec-wiki
  Files for appsecwiki.com
  ☆120Updated 5 years ago
• GoSecure / csp-auditor
  Burp and ZAP plugin to analyse Content-Security-Policy headers or generate template CSP configuration from crawling a Website
  ☆139Updated 5 years ago
• amolnaik4 / bodhi
  Bodhi - Client-side Vulnerability Playground
  ☆122Updated 4 years ago
• nccgroup / Decoder-Improved
  Improved decoder for Burp Suite
  ☆138Updated 4 years ago
• bonkc / BugBountySubdomains
  Tools to gather subdomains from Bug Bounty programs
  ☆65Updated 7 years ago
• br3akp0int / GQLParser
  A repository for GraphQL Extension for Burp Suite
  ☆57Updated 7 years ago
• pownjs / cdb
  Automate common Chrome Debug Protocol tasks to help debug web applications from the command-line and actively monitor and intercept HTTP …
  ☆73Updated 4 years ago
• lanmaster53 / cef
  Proof-of-concept CORS exploitation tool.
  ☆35Updated 6 years ago
• EdOverflow / smith
  Simple wrapper for meg that sieves through meg's output for you.
  ☆59Updated 6 years ago
• mandatoryprogrammer / FlashHTTPRequest
  A very simple bridge for performing Flash HTTP requests with JavaScript
  ☆81Updated 10 years ago
• lc / cspparse
  A tool to evaluate Content Security Policies.
  ☆71Updated 5 years ago
• foospidy / web-cve-tests
  A simple framework for sending test payloads for known web CVEs.
  ☆133Updated 5 years ago
• nightowl131 / AAPG
  [A]ndroid [A]pplication [P]entest [G]uide
  ☆122Updated 6 years ago
• a0xnirudh / kurukshetra
  Kurukshetra - A framework for teaching secure coding by means of interactive problem solving.
  ☆140Updated last year
• ReconJSON / ReconJSON
  ReconJSON is a project dedicated to creating a flexible and consistent JSON format across popular recon tools.
  ☆104Updated 6 years ago
• nccgroup / argumentinjectionhammer
  A Burp Extension designed to identify argument injection vulnerabilities.
  ☆122Updated 6 years ago
• glem0 / goGetBucket
  A penetration testing tool to enumerate and analyse Amazon S3 Buckets owned by a domain.
  ☆114Updated 6 years ago
• augustd / burp-suite-error-message-checks
  Burp Suite extension to passively scan for applications revealing server error messages
  ☆64Updated 2 years ago
• irsdl / httpninja
  HTTP.ninja
  ☆151Updated 2 years ago
• mandatoryprogrammer / xcname
  A tool for enumerating expired domains in CNAME records
  ☆60Updated 9 years ago
• luh2 / DetectDynamicJS
  The DetectDynamicJS Burp Extension provides an additional passive scanner that tries to find differing content in JavaScript files and ai…
  ☆66Updated 5 years ago
• bayotop / sink-logger
  Transparently log all data passed into known JavaScript sinks - Sink Logger extension for Burp.
  ☆49Updated 3 years ago
• roglew / guppy-proxy
  The Guppy Proxy (GUI Pappy)
  ☆142Updated 6 years ago
• koto / gitpillage
  Pillage a git repo found in an accessible web root
  ☆61Updated 14 years ago
• appsecco / defcon-26-workshop-attacking-and-auditing-docker-containers
  DEF CON 26 Workshop - Attacking & Auditing Docker Containers Using Open Source
  ☆109Updated 6 years ago
• intrigueio / intrigue-ident
  Application and Service Fingerprinting
  ☆133Updated 3 years ago
• vavkamil / dkimsc4n
  Asynchronous wordlist based DKIM scanner
  ☆58Updated 4 years ago
• 0xSobky / Regaxor
  A regular expression fuzzer.
  ☆45Updated 7 years ago
• sethsec / Nodejs-SSRF-App
  Nodejs application intentionally vulnerable to SSRF
  ☆42Updated 2 years ago
• GrrrDog / ZeroNights-WebVillage-2017
  ☆72Updated 8 years ago