Alternatives and similar repositories for owasp-mstg

Users that are interested in owasp-mstg are comparing it to the libraries listed below

• AlfredBerg / dnsline
  Tool for making it easy to collect dns results from the CLI
  ☆40Updated last year
• war-and-code / akamai-arl-hack
  Script to test open Akamai ARL vulnerability.
  ☆70Updated 4 years ago
• vavkamil / XSSwagger
  A simple Swagger-ui scanner that can detect old versions vulnerable to various XSS attacks
  ☆60Updated 6 years ago
• righettod / burp-piper-custom-scripts
  Custom scripts for the PIPER Burp extensions.
  ☆98Updated 2 years ago
• defparam / h1stats
  a tool that compiles a csv of all h1 program stats
  ☆49Updated 2 years ago
• samirettali / dumpcn
  Get all the CNs from a list of domains
  ☆45Updated 4 years ago
• synack / wstg
  The Web Security Testing Guide is a comprehensive open source guide to testing the security of web applications and web services.
  ☆31Updated 3 months ago
• michael1026 / trashcompactor
  ☆66Updated 3 years ago
• honoki / bbrf-dashboard
  ☆43Updated 6 months ago
• yesnet0 / bounty
  Misc bounty and vulndisc things
  ☆85Updated 5 years ago
• pingidentity / AuraIntruder
  ☆19Updated 2 years ago
• honoki / wilson-cloud-respwnder
  WILSON Cloud Respwnder is a Web Interaction Logger Sending Out Notifications with the ability to serve custom content in order to appropr…
  ☆50Updated last year
• daffainfo / my-nuclei-templates
  Some contributions in the nuclei-templates repository
  ☆62Updated 3 years ago
• codingo / microsubs
  A collection of code for interacting with API sources directly to improve your understanding of those services.
  ☆66Updated 5 years ago
• Rhynorater / reports
  ☆60Updated last year
• Healdb / Elevate
  Horizontal Domain Discovery
  ☆77Updated 2 years ago
• BuffaloWill / burpsuite-project-file-parser
  A Burp Suite Extension for parsing Project Files from the CLI.
  ☆89Updated 3 weeks ago
• th3hack3rwiz / Lazy-FuzzZ
  Sometimes we want to fuzz a set of sub-domain URLs with a common wordlist. Fuzzing them one by one is a tedious task, not to mention the …
  ☆52Updated 4 years ago
• Avileox / BB-SH-B
  ☆34Updated 4 years ago
• MrMax4o4 / Hunting-Tips
  ☆11Updated 5 years ago
• Sicks3c / Reconizer
  ☆38Updated 5 years ago
• ozguralp / synackapi
  ☆61Updated last year
• ignis-sec / puff
  Clientside vulnerability / reflected xss fuzzer
  ☆149Updated 2 years ago
• 0xb1tByte / eWPTXv1-Journey
  This repository is intended for sharing files/tools/tutorials..etc that related to eWPTXv1 from eLearnSecurity
  ☆23Updated 5 years ago
• kleiton0x00 / CRLF-one-liner
  A simple Bash one liner with aim to automate CRLF vulnerability scanning.
  ☆69Updated 5 years ago
• In3tinct / Taken
  Takeover subdomains using AWS dangling elastic ips and have a working POC for Subdomain Takeover.
  ☆93Updated 6 months ago
• allyomalley / BurpParamFlagger
  A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or L…
  ☆132Updated 4 years ago
• ghostlulzhacks / s3brute
  s3 brute force tool
  ☆44Updated 4 years ago
• hakluke / hakcertstream
  Basic implementation of certstream to print new subdomains and domains
  ☆36Updated 4 years ago
• Damian89 / simple-oob-scanner
  Simple tool to test for SSRF/OOB HTTP Read within the Path of a request
  ☆30Updated 6 years ago