Alternatives and similar repositories for sast-tp-framework

Users that are interested in sast-tp-framework are comparing it to the libraries listed below

• testable-eu / sast-testability-patterns
  Testability Pattern Catalogs for SAST
  ☆31Updated 11 months ago
• gand3lf / semgrepper
  An extension to use Semgrep inside Burp Suite.
  ☆89Updated 8 months ago
• doyensec / PESD-Exporter-Extension
  PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams
  ☆106Updated last year
• iosifache / semgrep-rules-manager
  Manager of 14 third-party sources comprising approximately 4,000 Semgrep rules 🗂
  ☆98Updated last month
• elttam / semgrep-rules
  ☆226Updated last month
• SoheilKhodayari / TheThing
  TheThing: an open-source tool to detect DOM Clobbering vulnerabilities
  ☆57Updated 2 years ago
• GitHubSecurityLab / gh-mrva
  Run CodeQL queries at scale using Multi-Repository Variant Analysis (MRVA)
  ☆61Updated 9 months ago
• KTH-LangSec / silent-spring
  Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js
  ☆75Updated 2 years ago
• tuannq2299 / semgrep-rules
  A collection of Semgrep rules which followed security guidelines for .NET and Java.
  ☆23Updated 4 years ago
• u21h2 / AutoSpear
  AutoSpear
  ☆72Updated 2 years ago
• Contrast-Security-OSS / go-test-bench
  Intentionally vulnerable Go web app.
  ☆42Updated 4 months ago
• SoheilKhodayari / JAW
  JAW: A Graph-based Security Analysis Framework for Client-side JavaScript
  ☆117Updated 4 months ago
• bahruzjabiyev / t-reqs
  Grammar-based HTTP/1 fuzzer with mutation ability
  ☆260Updated last year
• trickest / find-gh-poc
  Find CVE PoCs on GitHub
  ☆160Updated 6 months ago
• GitHubSecurityLab / codeql-zero-to-hero
  CodeQL zero to hero blog post series challenges
  ☆163Updated 4 months ago
• akabe1 / OAUTHScan
  Burp Suite Extension useful to verify OAUTHv2 and OpenID security
  ☆175Updated last year
• PortSwigger / url-cheatsheet-data
  This is the data that powers the PortSwigger URL validation bypass cheat sheet.
  ☆57Updated 4 months ago
• Checkmarx / dustilock
  DustiLock is a tool to find which of your dependencies is susceptible to a Dependency Confusion attack.
  ☆40Updated 4 years ago
• p1ckzi / CVE-2022-22965
  spring4shell | CVE-2022-22965
  ☆23Updated 3 years ago
• xscorp / jsmug
  A PoC code for JSON Smuggling technique to smuggle arbitrary files through JSON
  ☆115Updated last year
• MrTuxracer / advisories
  Security Advisories
  ☆35Updated 3 months ago
• bvcyber / jws2pubkey
  jws2pubkey tool
  ☆43Updated 7 months ago
• arthurgervais / mapta
  We present MAPTA, a multi-agent system for autonomous web application security assessment that combines large language model orchestratio…
  ☆93Updated 5 months ago
• sf197 / nuclei_gpt
  Chat automates Nuclei template generation
  ☆107Updated 2 years ago
• yacwagh / FAAST
  Prototype of Full Agentic Application Security Testing, FAAST = SAST + DAST + LLM agents
  ☆67Updated 9 months ago
• Teebytes / TnT-Fuzzer
  OpenAPI 2.0 (Swagger) fuzzer written in python. Basically TnT for your API.
  ☆111Updated 3 years ago
• doyensec / cloudsec-tidbits
  Blogpost series showcasing interesting cloud - web app security bugs
  ☆49Updated 2 years ago
• GitHubSecurityLab / CodeQL-Community-Packs
  Collection of community-driven CodeQL query, library and extension packs
  ☆203Updated last month
• hackvertor / shadow-repeater
  ☆42Updated 2 months ago
• 4auvar / VulnNodeApp
  A vulnerable node.js application
  ☆42Updated last year