sqreen / SPAuditLinks
☆39Updated 2 years ago
Alternatives and similar repositories for SPAudit
Users that are interested in SPAudit are comparing it to the libraries listed below
Sorting:
- An extensible, heuristic-based vulnerability scanning tool for installed npm packages☆50Updated 4 years ago
- The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters☆64Updated 2 years ago
- An AWS Lambda vulnerable application written in flask.☆49Updated 8 years ago
- This repo gives an overview of some GCP metadata API attack and defend patterns☆77Updated 5 years ago
- All-in-one tool for managing vulnerability reports from AppSec pipelines☆108Updated 2 years ago
- An ultra-compact intro (or refresher) to Web Application Security.☆32Updated 7 years ago
- Automate common Chrome Debug Protocol tasks to help debug web applications from the command-line and actively monitor and intercept HTTP …☆73Updated 4 years ago
- Intentionally Vulnerable Serverless Functions to understand the specifics of Serverless Security Vulnerabilities☆136Updated 2 years ago
- Use burp's JS static code analysis on code from your local system.☆42Updated 8 years ago
- Bodhi - Client-side Vulnerability Playground☆121Updated 4 years ago
- Interactive IPython Notebook to demonstrate OWASP ZAP's API and Scripting Functions - OWASP ZAP 2.8.0☆41Updated 2 years ago
- A JavaScript clickjacking PoC generator☆24Updated 6 years ago
- ☆30Updated 4 years ago
- A static-code-analysis tool for performing security-focused code reviews. It enables an auditor to swiftly map the attack-surface of a la…☆141Updated last year
- ReconJSON is a project dedicated to creating a flexible and consistent JSON format across popular recon tools.☆102Updated 6 years ago
- A Burp plugin to export findings to DefectDojo☆30Updated last year
- Bento Toolkit is a minimal fedora-based container for penetration tests and CTF with the sweet addition of GUI applications.☆78Updated 4 years ago
- A simple web app that helps developers understand the ASVS requirements.☆159Updated 7 months ago
- Burp as a Docker Container☆59Updated 5 years ago
- Archaeologit scans the history of a user's GitHub repositories for a given pattern to find sensitive things.☆143Updated 7 years ago
- A collection of response templates for invalid bug bounty reports.☆90Updated 7 years ago
- An Entropy-Based Link Vulnerability Tool☆60Updated 7 years ago
- Presentations, training modules, and other education materials from Duo Security's Application Security team.☆77Updated 4 years ago
- Fast browser-based network discovery module☆114Updated 4 years ago
- OAuth Security Cheatsheet☆40Updated 11 years ago
- Application and Service Fingerprinting☆133Updated 2 years ago
- Detect exposed API keys on GitHub commits.☆34Updated 3 years ago
- OWASP SecurityRAT (version 1.x) - Tool for handling security requirements in development☆184Updated last month
- AutoTriageBot automatically verifies, deduplicates, and suggests payouts for incoming HackerOne reports.☆56Updated 3 years ago
- Pown.js is a security testing an exploitation toolkit built on top of Node.js and NPM.☆261Updated 2 years ago