Alternatives and similar repositories for headers

Users that are interested in headers are comparing it to the libraries listed below

• h3xstream / burp-retire-js
  Burp/ZAP/Maven extension that integrate Retire.js repository to find vulnerable Javascript libraries.
  ☆208Updated last year
• secdec / attack-surface-detector-zap
  The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters
  ☆63Updated 2 years ago
• riramar / hsecscan
  A security scanner for HTTP response headers.
  ☆301Updated 8 months ago
• secdec / attack-surface-detector-burp
  The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters
  ☆106Updated last year
• we45 / orchestron-community
  Orchestron is an Application Vulnerability Management and Correlation Tool.Orchestron helps you solve one key problem "Find and fix vulne…
  ☆31Updated 2 years ago
• OWASP / AppSec-Browser-Bundle
  The OWASP AppSec Browser Bundle is an open source Linux based penetration testing browser bundle built over Mozilla Firefox. It comes pre…
  ☆98Updated 11 years ago
• GoSecure / csp-auditor
  Burp and ZAP plugin to analyse Content-Security-Policy headers or generate template CSP configuration from crawling a Website
  ☆138Updated 5 years ago
• SecurityRAT / SecurityRAT
  OWASP SecurityRAT (version 1.x) - Tool for handling security requirements in development
  ☆184Updated last month
• OWASP / owasp-swag
  Swag for the OWASP projects and chapters
  ☆43Updated 2 months ago
• ajinabraham / WebAppSec
  Web Application Security
  ☆129Updated last year
• RUB-NDS / BurpSSOExtension
  An extension for BurpSuite that highlights SSO messages in Burp's proxy window..
  ☆118Updated 4 years ago
• OWASP / RiskAssessmentFramework
  The Secure Coding Framework
  ☆268Updated 5 years ago
• FishermansEnemy / bucket_finder
  Amazon bucket brute force tool
  ☆102Updated 12 years ago
• cure53 / mustache-security
  Automatically exported from code.google.com/p/mustache-security
  ☆23Updated 10 years ago
• EdOverflow / bug-bounty-responses
  A collection of response templates for invalid bug bounty reports.
  ☆90Updated 7 years ago
• koto / gitpillage
  Pillage a git repo found in an accessible web root
  ☆61Updated 14 years ago
• OWASP / OWASP-Testing-Guide
  OWASP Testing Guide
  ☆110Updated 9 years ago
• appsecco / using-docker-kubernetes-for-automating-appsec-and-osint-workflows
  Repository for all the workshop content delivered at nullcon X on 1st of March 2019
  ☆81Updated 6 years ago
• cure53 / public-pentesting-reports
  Curated list of public penetration testing reports released by several consulting firms
  ☆48Updated 7 years ago
• JordyZomer / autoSubTakeover
  A tool used to check if a CNAME resolves to the scope address. If the CNAME resolves to a non-scope address it might be worth checking ou…
  ☆134Updated 2 years ago
• RhinoSecurityLabs / Swagger-EZ
  A tool geared towards pentesting APIs using OpenAPI definitions.
  ☆181Updated 2 years ago
• EdOverflow / h1-cli
  A CLI tool to interact with hackerone.com. This was my submission for HackerOne's Summer 2018 Hack Day.
  ☆40Updated 7 years ago
• joswr1ght / MobileAppReportCard
  Microsoft Excel spreadsheets for consistent security evaluation of Android and iOS mobile applications
  ☆50Updated 10 years ago
• DefectDojo / Burp-Plugin
  A Burp plugin to export findings to DefectDojo
  ☆30Updated last year
• pentestgeek / burpcommander
  Ruby command-line interface to Burp Suite's REST API
  ☆58Updated 5 years ago
• michenriksen / bucketlist
  Amazon S3 bucket spelunking!
  ☆87Updated 8 years ago
• PentesterLab / sectalks
  ☆12Updated 8 years ago
• lorenzog / dns-parallel-prober
  PoC for an adaptive parallelised DNS prober
  ☆108Updated 3 years ago
• craighays / bucketkicker
  Brute force AWS bucket finder
  ☆61Updated 2 years ago
• appsecpipeline / AppSecPipeline-Specification
  AppSecPipeline Specification for DevOps automation.
  ☆40Updated 2 years ago