Alternatives and similar repositories for rest-api-goat

Users that are interested in rest-api-goat are comparing it to the libraries listed below

• marmicode / websheep
  🐑 Websheep is an app based on a willingly vulnerable ReSTful APIs.
  ☆56Updated last year
• DevSlop / Pixi
  The Pixi module is a MEAN Stack web app with wildly insecure APIs!
  ☆128Updated 2 years ago
• Hari-prasaanth / Thick-Client-Pentest-Checklist
  A OWASP Based Checklist With 80+ Test Cases
  ☆148Updated 2 years ago
• ne0z / DamnVulnerableMicroServices
  This is vulnerable microservice written in many language to demonstrating OWASP API Top Security Risk (under development)
  ☆44Updated 2 years ago
• vengatesh-nagarajan / Cloud-pentest
  Resources to learn cloud environment and pentesting the same, contains AWS, Azure, Google Cloud
  ☆53Updated 3 years ago
• CyberSecurityUP / PenTest-Consulting-Creator
  Repository with some necessary information for you to create your PenTest consultancy
  ☆98Updated 6 months ago
• d3lb3 / security-code-review
  My personal collection of resources (mostly tools and training materials) for source code security audits.
  ☆88Updated 10 months ago
• righettod / toolbox-pentest-web
  Docker toolbox for pentest of web based application.
  ☆160Updated this week
• InsiderPhD / Arjun
  HTTP parameter discovery suite.
  ☆63Updated 5 years ago
• guilleiguaran / dvra
  Damn Vulnerable Rails app
  ☆12Updated 12 years ago
• rinetd / BurpSuite-1
  BurpSuite using the document and some extensions
  ☆69Updated 5 years ago
• purabparihar / Infrastructure-Pentesting-Checklist
  ☆139Updated 4 years ago
• kh4sh3i / cloud-penetration-testing
  A curated list of cloud pentesting resource, contains AWS, Azure, Google Cloud
  ☆122Updated 3 years ago
• tkisason / vulnapi
  Intentionaly very vulnerable API with bonus bad coding practices
  ☆47Updated last year
• ethiack / ai4eh
  AI for Ethical Hacking - Workshop
  ☆86Updated 2 weeks ago
• stolenusername / cowitness
  CoWitness is a powerful web application testing tool that enhances the accuracy and efficiency of your testing efforts. It allows you to …
  ☆125Updated last year
• v1ll41n / H1-Report-Finder
  A burpsuite extension that helps security researchers find public security reports published on h1 based on the selected host
  ☆42Updated 5 years ago
• 0xbharath / slurp
  A blazing fast & feature rich Amazon S3 bucket enumerator.
  ☆98Updated 2 years ago
• Hackmanit / template-injection-playground
  The Template Injection Playground allows to test a large number of the most relevant template engines for template injection possibilitie…
  ☆47Updated 2 months ago
• ShiftLeftSecurity / tarpit-java
  Tarpit - A Web application seeded with vulnerabilities, rootkits, backdoors & data leaks
  ☆79Updated 2 years ago
• TROUBLE-1 / White-box-pentesting
  This lab is created to demonstrate pass-the-hash, blind sql and SSTI vulnerabilities
  ☆92Updated 2 years ago
• valeriyshevchenko90 / WhereToGo
  WhereToGo - is a list of popular services that might be used in organizations. By having an account of the user - you can try to find ent…
  ☆128Updated 3 years ago
• jhaddix / awsScrape
  A tool to scrape the AWS ranges looking for a keyword in SSL certificate data.
  ☆233Updated last year
• Arcanum-Sec / arc_pi_taxonomy
  The Arcanum Prompt Injection Taxonomy
  ☆126Updated 2 months ago
• va1da5 / manual-source-code-review
  Regex patterns for manual application source code review
  ☆30Updated 4 years ago
• noraj / AWAE-OSWE
  ☆27Updated 5 years ago
• belane / CloudHunter
  AWS, Azure, Alibaba and Google bucket scanner
  ☆154Updated last year
• CyberSecurityUP / OSCP-in-one-month
  ☆75Updated 3 years ago
• doyensec / CSPTPlayground
  CSPTPlayground is an open-source playground to find and exploit Client-Side Path Traversal (CSPT).
  ☆126Updated 3 months ago
• CristiVlad25 / misc
  Scripts and other stuff.
  ☆132Updated last year