spyd3r / owasp-asvs-github

Related projects ⓘ

Alternatives and complementary repositories for owasp-asvs-github

• radicallyopensecurity / pentesting-scripts
  Scripts that we use for pentesting
  ☆41Updated 7 years ago
• franksec42 / Vulnerability-management-maturity
  Maturity Model Collaborative project
  ☆13Updated last year
• nccgroup / SFPolDevChk
  Salesforce Policy Deviation Checker
  ☆30Updated 4 years ago
• PortSwigger / attack-surface-detector
  The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters
  ☆13Updated 2 years ago
• nccgroup / s3_objects_check
  Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.
  ☆74Updated 2 years ago
• Srendi / Better-AWS-SCAN
  ☆11Updated 8 years ago
• mtesauro / AppSecToolbox-tools
  Repo to hold the markdown-ified metadata on AppSec tools that are automation-friendly
  ☆12Updated 8 years ago
• secdec / attack-surface-detector-zap
  The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters
  ☆61Updated last year
• nccgroup / SSHession
  The SSH Multiplex Backdoor Tool
  ☆62Updated 5 years ago
• snyff / oauthsecurity
  OAuth Security Cheatsheet
  ☆39Updated 10 years ago
• DenizParlak / hayat
  Hayat is a script for report and analyze Google Cloud Platform resources.
  ☆79Updated 4 years ago
• torque59 / AWS-Vulnerable-Lambda
  An AWS Lambda vulnerable application written in flask.
  ☆48Updated 7 years ago
• kelbyludwig / saml-attack-surface
  ☆28Updated 7 years ago
• jaredhaight / scripts
  A collection of scripts that I've written while pentesting.
  ☆31Updated 6 years ago
• claudijd / rotten_apple
  A tool for testing continuous integration (CI) or continuous delivery (CD) system security
  ☆23Updated 11 years ago
• pentestgeek / burpcommander
  Ruby command-line interface to Burp Suite's REST API
  ☆59Updated 4 years ago
• disruptops / cred_scanner
  A simple file-based scanner to look for potential AWS access and secret keys in files
  ☆89Updated 7 months ago
• CaliDog / tachikoma
  Tachikoma is a security alerting framework for human beings
  ☆22Updated 6 years ago
• devsecops / defcon-workshop
  ☆65Updated 7 years ago
• Matir / webborer
  WebBorer is a directory-enumeration tool written in Go.
  ☆44Updated last year
• sorokinpf / graphqler
  GraphQL application security testing helper
  ☆19Updated last year
• TestingPens / Constole
  Scan for and exploit Consul agents
  ☆40Updated 5 years ago
• RhinoSecurityLabs / Presentations
  A collection of slides, videos, and proof-of-concept scripts from various Rhino presentations.
  ☆37Updated 6 years ago
• we45 / orchestron-community
  Orchestron is an Application Vulnerability Management and Correlation Tool.Orchestron helps you solve one key problem "Find and fix vulne…
  ☆31Updated last year
• tacticaljmp / aws-tool-comparison
  Overview about existing tools that can be useful for AWS auditing purposes.
  ☆15Updated 7 years ago
• SerpicoProject / SerpicoPlugins
  Plugins for the Serpico Project
  ☆22Updated 5 years ago