Alternatives and similar repositories for oshp-validator:

Users that are interested in oshp-validator are comparing it to the libraries listed below

• nccgroup / ccs
  ☆110Updated last year
• boostsecurityio / lotp
  boostsecurityio/lotp
  ☆111Updated last month
• OWASP / www-project-secure-headers
  The OWASP Secure Headers Project
  ☆145Updated this week
• BlazingWind / OWASP-ASVS-4.0-testing-guide
  ☆122Updated last year
• optiv / rest-api-goat
  ☆74Updated last year
• trufflesecurity / how-to-rotate
  An open-source collection of API key rotation tutorials.
  ☆63Updated last month
• Santandersecurityresearch / DrHeader
  drHEADer helps with the audit of security headers received in response to a single request or a list of requests.
  ☆110Updated 3 weeks ago
• mllamazares / STRIDE-vs-ASVS
  🖇️ STRIDE vs. ASVS equivalence table
  ☆75Updated 5 months ago
• NeuraLegion / brokencrystals
  A Broken Application - Very Vulnerable!
  ☆137Updated last week
• OWASP / www-project-security-champions-guidebook
  OWASP Foundation Web Respository
  ☆19Updated 3 weeks ago
• nullenc0de / ChromeAudit
  Nuclei plugins to audit Chrome extensions
  ☆64Updated 6 months ago
• dwisiswant0 / ipfuscator
  A blazing-fast, thread-safe, straightforward and zero memory allocations tool to swiftly generate alternative IP(v4) address representati…
  ☆85Updated last year
• kulkansecurity / gitxray
  A multifaceted security tool which leverages Public GitHub REST APIs for OSINT, Forensics, Pentesting and more.
  ☆111Updated this week
• saw-your-packet / CloudShovel
  A tool for scanning public or private AMIs for sensitive files and secrets. The tool follows the research made on AWS CloudQuarry where w…
  ☆98Updated 2 months ago
• DevSlop / Pixi
  The Pixi module is a MEAN Stack web app with wildly insecure APIs!
  ☆119Updated 2 years ago
• OWASP / www-project-devsecops-guideline
  The OWASP DevSecOps Guideline explains how we can implement a secure pipeline and use best practices and introduce tools that we can use …
  ☆62Updated 7 months ago
• owaspsamm / sammwise
  NextJS-based single-page application for completing and reviewing SAMM assessments
  ☆70Updated last year
• feeltheajf / trufflehog3
  Find secrets in your codebase
  ☆122Updated 3 weeks ago
• jstawinski / GitHub-Actions-Attack-Diagram
  ☆161Updated 4 months ago
• OWASP / OpenCRE
  ☆91Updated 2 months ago
• dolevf / graphql-cop
  Security Auditor Utility for GraphQL APIs
  ☆409Updated this week
• cerberauth / vulnapi
  API Security Vulnerability Scanner designed to help you secure your APIs.
  ☆110Updated this week
• controlplaneio / truffleproc
  truffleproc — hunt secrets in process memory (TruffleHog & gdb mashup)
  ☆113Updated last year
• Toreon / threat-model-playbook
  ☆82Updated 3 years ago
• Whitespots-OU / security-requirements-generator
  A small tool to help developers understand a huge set of security requirements from appsec teams
  ☆45Updated 2 years ago
• jhaddix / awsScrape
  A tool to scrape the AWS ranges looking for a keyword in SSL certificate data.
  ☆229Updated last year
• synacktiv / nord-stream
  Nord Stream is a tool that allows you to extract secrets stored inside CI/CD environments by deploying malicious pipelines. It currently …
  ☆266Updated 2 months ago
• Probely / security_checklist
  Web Application Security Checklist
  ☆121Updated 3 years ago
• iknowjason / edge
  Recon tool for cloud provider attribution. Supports AWS, Azure, Google, Cloudflare, and Digital Ocean.
  ☆164Updated 3 months ago
• assetnote / ghostbuster
  Eliminate dangling elastic IPs by performing analysis on your resources within all your AWS accounts.
  ☆267Updated 4 months ago