Alternatives and similar repositories for oshp-validator

Users that are interested in oshp-validator are comparing it to the libraries listed below

• OWASP / www-project-secure-headers
  The OWASP Secure Headers Project
  ☆157Updated last week
• boringtools / git-alerts
  Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive files
  ☆218Updated last month
• BlazingWind / OWASP-ASVS-4.0-testing-guide
  ☆123Updated last year
• The-Login / DNS-Analysis-Server
  Tools to assess DNS security.
  ☆152Updated last year
• NeuraLegion / brokencrystals
  A Broken Application - Very Vulnerable!
  ☆159Updated last week
• projectdiscovery / openrisk
  openrisk is a tool that generates a risk score based on the results of a Nuclei scan.
  ☆169Updated 3 months ago
• codingo / dorky
  A tool to quickly do keyword searches over Gitlab and Github for OSINT & bug bounty recon
  ☆237Updated last year
• OWASP / raider
  OWASP Raider: a novel framework for manipulating the HTTP processes of persistent sessions
  ☆104Updated last year
• Checkmarx / capital
  A built-to-be-vulnerable API application based on the OWASP top 10 API vulnerabilities. Use c{api}tal to learn, train and exploit API Sec…
  ☆290Updated last year
• shabarkin / aws-enumerator
  The AWS Enumerator was created for service enumeration and info dumping for investigations of penetration testers during Black-Box testin…
  ☆205Updated 3 years ago
• jhaddix / awsScrape
  A tool to scrape the AWS ranges looking for a keyword in SSL certificate data.
  ☆232Updated last year
• trufflesecurity / how-to-rotate
  An open-source collection of API key rotation tutorials.
  ☆71Updated last month
• gsmith257-cyber / GraphCrawler
  GraphQL automated security testing toolkit
  ☆316Updated last year
• projectdiscovery / tldfinder
  A streamlined tool for discovering private TLDs for security research.
  ☆198Updated this week
• boostsecurityio / lotp
  boostsecurityio/lotp
  ☆125Updated last month
• SecureStackCo / visualizing-software-supply-chain
  A project to visualize the software supply chain
  ☆50Updated last year
• koenbuyens / securityheaders
  Check any website (or set of websites) for insecure security headers.
  ☆250Updated last year
• controlplaneio / truffleproc
  truffleproc — hunt secrets in process memory (TruffleHog & gdb mashup)
  ☆118Updated last year
• nccgroup / ccs
  ☆110Updated last year
• trufflesecurity / of-CORS
  ☆151Updated last year
• JavierOlmedo / OWASP-Calculator
  🧮 An online calculator to assess the risk of web vulnerabilities based on OWASP Risk Assessment
  ☆158Updated 3 years ago
• cerberauth / vulnapi
  API Security Vulnerability Scanner designed to help you secure your APIs.
  ☆137Updated this week
• DevSlop / Pixi
  The Pixi module is a MEAN Stack web app with wildly insecure APIs!
  ☆125Updated 2 years ago
• PortSwigger / oauth-scan
  Burp Suite Extension useful to verify OAUTHv2 and OpenID security
  ☆188Updated 5 months ago
• DigeeX / raider
  DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raider
  ☆139Updated 3 years ago
• Santandersecurityresearch / DrHeader
  drHEADer helps with the audit of security headers received in response to a single request or a list of requests.
  ☆110Updated 4 months ago
• righettod / toolbox-pentest-web
  Docker toolbox for pentest of web based application.
  ☆151Updated this week
• iknowjason / edge
  Recon tool for cloud provider attribution. Supports AWS, Azure, Google, Cloudflare, and Digital Ocean.
  ☆166Updated 6 months ago
• jstawinski / GitHub-Actions-Attack-Diagram
  ☆182Updated last month
• feeltheajf / trufflehog3
  Find secrets in your codebase
  ☆123Updated 2 months ago