Alternatives and similar repositories for pen-test-automation

Users that are interested in pen-test-automation are comparing it to the libraries listed below

• 4ARMED / terraform-burp-collaborator
  Terraform configuration to build a Burp Private Collaborator Server
  ☆25Updated 7 years ago
• tls-attacker / TLS-Attacker-BurpExtension
  ☆38Updated 5 years ago
• appsecco / ansible-module-owasp-zap
  Ansible module for OWASP ZAP using Python API to scan web targets for security issues
  ☆14Updated 7 years ago
• laconicwolf / Burp-API-Scripts
  A collection of scripts used to interact with the Burp Rest API
  ☆52Updated 6 years ago
• menzow / sn1per-docker
  Dockerized version of Sn1per (https://github.com/1N3/Sn1per)
  ☆60Updated 7 years ago
• shieldfy / AVWA
  Advanced Vulnerable Web Application (AVWA)
  ☆14Updated 8 years ago
• redtimmy / OAMBuster
  Multithreaded Padding Oracle Attack on Oracle OAM (CVE-2018-2879)
  ☆25Updated 6 years ago
• alienwithin / Scripts-Sploits
  A number of scripts POC's and problems solved as pentests move along.
  ☆45Updated last year
• nccgroup / Extractor
  Extension adds a new tab in Burp Suite called Extractor
  ☆42Updated 6 years ago
• viperbluff / WAF_buster
  Disrupt WAF by abusing SSL/TLS Ciphers
  ☆48Updated 6 years ago
• yehgdotnet / S3Scanner
  Scan for open S3 buckets and dump
  ☆38Updated 7 years ago
• bugbountyworld / BugBountyWorld
  ☆13Updated 2 years ago
• smiegles / certs
  Parse X509 certificates to get the (sub)domains in it.
  ☆28Updated 7 years ago
• nixwizard / kube-alien
  ☆25Updated 4 years ago
• pwntester / XStreamServer
  RCE Exploit PoC for Spring based RESTFul APIs using XStream as Unmarshaler
  ☆20Updated 11 years ago
• pentestgeek / burpcommander
  Ruby command-line interface to Burp Suite's REST API
  ☆59Updated 5 years ago
• allfro / dotNetBeautifier
  A BurpSuite extension for beautifying .NET message parameters and hiding some of the extra clutter that comes with .NET web apps (i.e. __…
  ☆12Updated 10 years ago
• laconicwolf / Dirscover
  A multi-processed, multi-threaded scanner to discover web directories on multiple URLs.
  ☆21Updated 5 years ago
• jayeshchauhan / SKANDA
  OWASP Skanda - SSRF Exploitation Framework
  ☆38Updated 12 years ago
• milo2012 / nmap2nessus
  ☆46Updated 7 years ago
• riyazwalikar / injection-attacks-nosql-talk
  Slides of the talk on Injection attacks in apps with NoSQL Backends, given at null OWASP Bangalore monthly meet on 27th April 2019
  ☆22Updated 6 years ago
• Coalfire-Research / sqlinator
  Automatically forward HTTP GET & POST requests to SQLMap's API to test for SQLi and XSS
  ☆83Updated 2 years ago
• secdec / astam-correlator
  Vulnerability consolidation and management tool, enhances scan results by merging different findings of the same weakness across multiple…
  ☆24Updated 2 years ago
• gradiuscypher / bounty_tools
  Various tools for managing bug bounty recon and exploration.
  ☆47Updated 2 years ago
• twelvesec / BearerAuthToken
  This burpsuite extender provides a solution on testing Enterprise applications that involve security Authorization tokens into every HTTP…
  ☆46Updated 6 years ago
• SecurityRiskAdvisors / Burp-Load-Balancer-Cookie-Scanner
  Burp extension to find and decode BigIP and Netscaler cookies
  ☆15Updated 7 years ago
• armourbird / csf
  ArmourBird CSF - Container Security Framework
  ☆44Updated 3 years ago
• issue2report / issue2report
  Generate pentest reports based on github issues.
  ☆16Updated 2 years ago
• dsopas / rfd-checker
  RFD Checker - security CLI tool to test Reflected File Download issues
  ☆64Updated 6 years ago
• tsondt / oscp
  My notebook for OSCP Lab
  ☆25Updated 8 years ago