Alternatives and similar repositories for attack-surface-detector-cli

Users that are interested in attack-surface-detector-cli are comparing it to the libraries listed below

• wallarm / jwt-heartbreaker
  The Burp extension to check JWT (JSON Web Tokens) for using keys from known from public sources
  ☆138Updated 5 years ago
• RhinoSecurityLabs / Swagger-EZ
  A tool geared towards pentesting APIs using OpenAPI definitions.
  ☆185Updated 3 years ago
• putsi / privatecollaborator
  A script for installing private Burp Collaborator with free Let's Encrypt SSL-certificate
  ☆210Updated last year
• aress31 / openapi-parser
  Parse OpenAPI documents into Burp Suite for automating OpenAPI-based APIs security assessments (approved by PortSwigger for inclusion in …
  ☆206Updated 2 years ago
• Static-Flow / BurpSuite-Team-Extension
  This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes …
  ☆261Updated 3 years ago
• rinetd / BurpSuite-1
  BurpSuite using the document and some extensions
  ☆72Updated 5 years ago
• szski / shapeshifter
  GraphQL security testing tool
  ☆126Updated 3 years ago
• detectify / ugly-duckling
  Ugly Duckling is a lightweight scanner built specifically for our Crowdsource community to submit proof-of-concept modules
  ☆187Updated 4 years ago
• NotSoSecure / cloud-service-enum
  ☆260Updated last year
• secdec / attack-surface-detector-burp
  The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters
  ☆110Updated 2 years ago
• DevSlop / Pixi
  The Pixi module is a MEAN Stack web app with wildly insecure APIs!
  ☆132Updated 3 years ago
• nccgroup / CollaboratorPlusPlus
  ☆148Updated 3 years ago
• lanmaster53 / pyscripter-er
  A framework built on top of Burp's Python Scripter extension.
  ☆90Updated 2 years ago
• GoSecure / xxe-workshop
  Workshop given at Hack in Paris 2019
  ☆126Updated 2 years ago
• yogisec / VulnerableSAMLApp
  Vulnerable SAML infrastructure training applicaiton
  ☆54Updated 3 years ago
• 0xbharath / slurp
  A blazing fast & feature rich Amazon S3 bucket enumerator.
  ☆99Updated 3 years ago
• The-Login / DNS-Reset-Checker
  Tools to assess the DNS security of web applications
  ☆128Updated 3 years ago
• BuffaloWill / burpsuite-project-file-parser
  A Burp Suite Extension for parsing Project Files from the CLI.
  ☆89Updated 3 weeks ago
• jorritfolmer / vulnerable-api
  Enhanced fork with logging, OpenAPI 3.0 and Python 3 for security monitoring workshops
  ☆44Updated last year
• silentsignal / burp-piper
  Piper Burp Suite Extender plugin
  ☆129Updated 3 weeks ago
• bytebutcher / burp-send-to
  Adds a customizable "Send to..."-context-menu to your BurpSuite.
  ☆163Updated 3 years ago
• andresriancho / mongo-objectid-predict
  Predict Mongo ObjectIds
  ☆151Updated 7 years ago
• Static-Flow / gofingerprint
  GoFingerprint is a Go tool for taking a list of target web servers and matching their HTTP responses against a user defined list of fing…
  ☆207Updated 2 years ago
• koenrh / s3enum
  Fast and stealthy Amazon S3 bucket enumeration tool for pentesters.
  ☆262Updated last week
• ignis-sec / puff
  Clientside vulnerability / reflected xss fuzzer
  ☆149Updated 2 years ago
• detectify / cs-challenge
  Detectify Crowdsource Challenge
  ☆72Updated 3 years ago
• orlyjamie / asnrecon
  ASN reconnaissance script
  ☆131Updated 2 years ago
• LewisArdern / metasecjs
  MetaSec.js combines all the free open-source security tools to identify issues with JavaScript and automates the boring parts
  ☆82Updated 3 years ago
• PortSwigger / auth-matrix
  AuthMatrix is a Burp Suite extension that provides a simple way to test authorization in web applications and web services.
  ☆45Updated 2 years ago
• shivsahni / NSBrute
  Python utility to takeover domains vulnerable to AWS NS Takeover
  ☆87Updated 3 years ago