Alternatives and similar repositories for asvs-checklist:

Users that are interested in asvs-checklist are comparing it to the libraries listed below

• DigeeX / raider
  DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raider
  ☆138Updated 3 years ago
• nightwatchcybersecurity / gitbleed_tools
  ☆90Updated 3 years ago
• PortSwigger / aws-security-checks
  AWS Security Checks
  ☆37Updated 7 years ago
• PaperMtn / github-watchman
  Monitoring GitHub for sensitive data shared publicly
  ☆66Updated 3 years ago
• shivsahni / NSDetect
  ☆22Updated 2 years ago
• gocaio / sct
  Security checks for http headers and cookies
  ☆24Updated 4 years ago
• nccgroup / cowcloud
  ☆58Updated last year
• nicolasriverocorvalan / cloud-sniper
  Virtual Security Operations Center
  ☆50Updated last year
• amroot / amass-to-csv
  A simple script that generates an Excel friendly CSV file from an Amass JSON file.
  ☆13Updated 2 years ago
• Ebryx / S3Rec0n
  A colorful cross-platform python script to test misconfigurations of AWS S3 buckets both through authenticated and unauthenticated checks…
  ☆39Updated 3 years ago
• JOSHUAJEBARAJ / GCP-GOAT
  GCP GOAT is the vulnerable application for learn the GCP Security
  ☆64Updated last year
• GovTech-CSG / Autowasp
  BurpSuite Extension: A one-stop pen testing checklist and logger tool
  ☆75Updated 2 years ago
• OWASP / owasp-cstg
  ☆34Updated 4 years ago
• modulexcite / attacking-and-auditing-docker-containers-and-kubernetes-clusters
  Appsecco training course content on Attacking and Auditing Dockers Containers and Kubernetes Clusters
  ☆14Updated 4 years ago
• nccgroup / ccs
  ☆110Updated last year
• pseudo-security / slacksecrets
  Scans Slack for API tokens, credentials, passwords, and more using YARA rules
  ☆39Updated 4 years ago
• ajinabraham / aws_security_tools
  Scripts and tools for AWS Pentest
  ☆53Updated 4 years ago
• amalmurali47 / onaws
  Fetch the details of assets hosted on AWS.
  ☆86Updated last year
• RossGeerlings / webstor
  WebStor efficiently enumerates all websites across your organization’s networks and those in your DNS records - including cloud-hosted se…
  ☆156Updated 11 months ago
• ProfessionallyEvil / client-side-attacks-lab
  Lab Environment for learning client-side attacks such as CSRF, Clickjacking, XSS, and CORS abuse.
  ☆20Updated 2 years ago
• infinite-omicron / pentesting-checklist
  Penetration Testing Checklist
  ☆35Updated 4 years ago
• Santandersecurityresearch / corsair_scan
  Corsair_scan is a security tool to test Cross-Origin Resource Sharing (CORS).
  ☆122Updated last year
• ivision-research / vulnerable-graphql-api
  A very vulnerable implementation of a GraphQL API.
  ☆59Updated 3 years ago
• P3tra-WP / Jupyter-Threat
  ☆14Updated 2 years ago
• codingo / fastsub
  A custom built DNS bruteforcer with multi-threading, and handling of bad resolvers.
  ☆57Updated 2 years ago
• BuildHackSecure / ffufme
  Target practice for ffuf
  ☆62Updated 3 years ago
• riskprofiler / CloudFrontier
  Monitor the internet attack surface of various public cloud environments. Currently supports AWS, GCP, Azure, DigitalOcean and Oracle Clo…
  ☆124Updated 11 months ago
• Leoid / AWSBurpCollaborator
  Deploy a Private Burpsuite Collaborator using boto3 Python Library
  ☆57Updated 5 years ago
• AssassinUKG / XSSPlayground
  A simple place to learn XSS
  ☆30Updated 4 years ago
• lc / cspparse
  A tool to evaluate Content Security Policies.
  ☆70Updated 4 years ago