oshp / headers
An application to catch, search and analyze HTTP secure headers.
☆65 Updated 3 years ago
Alternatives and similar repositories for headers:
Users that are interested in headers are comparing it to the libraries listed below
- The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters ☆63 Updated 2 years ago
- The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters ☆103 Updated last year
- The OWASP AppSec Browser Bundle is an open source Linux based penetration testing browser bundle built over Mozilla Firefox. It comes pre… ☆97 Updated 11 years ago
- A HackerOne API client for Python ☆20 Updated 7 years ago
- Automatically exported from code.google.com/p/mustache-security ☆23 Updated 10 years ago
- Orchestron is an Application Vulnerability Management and Correlation Tool. Orchestron helps you solve one key problem "Find and fix vulne… ☆31 Updated 2 years ago
- Vulnerable OS Collection is a collection of four Ubuntu based OSes containing real world vulnerable web applications. ☆58 Updated 7 years ago
- Brute force AWS bucket finder ☆61 Updated 2 years ago
- Swag for the OWASP projects and chapters ☆42 Updated 4 months ago
- All-in-one tool for managing vulnerability reports from AppSec pipelines ☆106 Updated 2 years ago
- Ruby command-line interface to Burp Suite's REST API ☆59 Updated 5 years ago
- Tools to gather subdomains from Bug Bounty programs ☆64 Updated 7 years ago
- This is a web application fuzzer scanner - the goal was CLI flexibility and rapid prototyping ☆48 Updated 5 years ago
- A collection of response templates for invalid bug bounty reports. ☆91 Updated 7 years ago
- This repository contains an example Python API that is vulnerable to several different web API attacks. ☆69 Updated last year
- Burp/ZAP/Maven extension that integrates the Retire.js repository to find vulnerable JavaScript libraries. ☆206 Updated 10 months ago
- AppSecPipeline Specification for DevOps automation. ☆40 Updated 2 years ago
- Amazon bucket brute force tool ☆99 Updated 11 years ago
- AWS Extender CLI is a command-line script to test S3 buckets as well as Google Storage buckets and Azure Storage containers for common mi… ☆83 Updated 5 years ago
- Takeover script extracts the CNAME record of all subdomains at once. TakeOver saves researcher time and increases the chance of finding subdom… ☆101 Updated 2 years ago
- Chrome extension to aid in finding DOMXSS by simple taint analysis of string values. ☆81 Updated 5 years ago
- Takes an IP range, scans all open SSL certs, grabs CNAMEs ☆112 Updated 6 years ago
- An extension for BurpSuite that highlights SSO messages in Burp's proxy window. ☆117 Updated 4 years ago
- Burp and ZAP plugin to analyse Content-Security-Policy headers or generate template CSP configuration from crawling a Website ☆138 Updated 5 years ago
- Damn Vulnerable eXtensive Training Environment ☆105 Updated 3 years ago
- Artwork for all official ZAP swag - posters, stickers, t-shirts etc ☆14 Updated last year
- A tool to evaluate Content Security Policies. ☆71 Updated 4 years ago
- The Cleveridge Subdomain Scanner finds subdomains of a given domain. ☆37 Updated 5 years ago
- Pillage a git repo found in an accessible web root ☆61 Updated 13 years ago
- Curated list of public penetration testing reports released by several consulting firms ☆48 Updated 7 years ago