Alternatives and similar repositories for web-methodology

Users that are interested in web-methodology are comparing it to the libraries listed below

• absoluteappsec / handouts
  materials we hand out
  ☆147Updated 5 months ago
• security-prince / Resources-for-Application-Security
  Some good resources for getting started with application security
  ☆143Updated 4 years ago
• jobertabma / transformations
  ☆173Updated 2 years ago
• detectify / ugly-duckling
  Ugly Duckling is a lightweight scanner built specifically for our Crowdsource community to submit proof-of-concept modules
  ☆188Updated 4 years ago
• N0MoreSecr3ts / wraith
  Uncover forgotten secrets and bring them back to life, haunting security and operations teams.
  ☆209Updated 2 years ago
• doyensec / burpdeveltraining
  Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"
  ☆359Updated 5 years ago
• appsecco / attacking-cloudgoat2
  A step-by-step walkthrough of CloudGoat 2.0 scenarios.
  ☆134Updated 5 years ago
• dxa4481 / truffleHogRegexes
  These are the regexes that power truffleHog
  ☆223Updated 3 years ago
• RhinoSecurityLabs / Swagger-EZ
  A tool geared towards pentesting APIs using OpenAPI definitions.
  ☆183Updated 3 years ago
• szski / shapeshifter
  GraphQL security testing tool
  ☆126Updated 3 years ago
• koenrh / s3enum
  Fast and stealthy Amazon S3 bucket enumeration tool for pentesters.
  ☆262Updated 3 weeks ago
• koenbuyens / Vulnerable-OAuth-2.0-Applications
  vulnerable OAuth 2.0 applications: understand the security implications of your OAuth 2.0 decisions.
  ☆324Updated last year
• LewisArdern / metasecjs
  MetaSec.js combines all the free open-source security tools to identify issues with JavaScript and automates the boring parts
  ☆82Updated 2 years ago
• NotSoSecure / cloud-service-enum
  ☆260Updated last year
• prodigysml / Dr.-Watson
  Dr. Watson is a simple Burp Suite extension that helps find assets, keys, subdomains, IP addresses, and other useful information! It's yo…
  ☆218Updated 6 years ago
• AvasDream / pentesting-dockerfiles
  Pentesting/Bugbounty Dockerfiles.
  ☆176Updated 4 years ago
• DevSlop / Pixi
  The Pixi module is a MEAN Stack web app with wildly insecure APIs!
  ☆132Updated 3 years ago
• allyomalley / dnsobserver
  A handy DNS service written in Go to aid in the detection of several types of blind vulnerabilities. It monitors a pentester's server for…
  ☆192Updated 5 years ago
• codingo / crithit
  Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures t…
  ☆213Updated 5 years ago
• cranelab / webapp-tech
  ☆45Updated 5 years ago
• opendevsecops / guide-aws-hacking
  This is an offensive guide to securing AWS infrastructures. The hope is that by knowing how to take advantage of various types of AWS wea…
  ☆174Updated 6 years ago
• tomdev / teh_s3_bucketeers
  ☆276Updated 4 years ago
• codingo / bbr
  An open source tool to aid in command line driven generation of bug bounty reports based on user provided templates.
  ☆218Updated 5 years ago
• gwen001 / s3-buckets-finder
  Find AWS S3 buckets and test their permissions.
  ☆396Updated 2 years ago
• ArturSS7 / TukTuk
  Tool for catching and logging different types of requests.
  ☆221Updated 5 years ago
• we45 / DVFaaS-Damn-Vulnerable-Functions-as-a-Service
  Intentionally Vulnerable Serverless Functions to understand the specifics of Serverless Security Vulnerabilities
  ☆136Updated 3 years ago
• magoo / ato-checklist
  A checklist of practices for organizations dealing with account takeover (ATO)
  ☆276Updated last year
• BlazingWind / OWASP-ASVS-4.0-testing-guide
  ☆124Updated 2 years ago
• BishopFox / smogcloud
  Find cloud assets that no one wants exposed 🔎 ☁️
  ☆350Updated 5 years ago
• Plazmaz / leaky-repo
  Benchmarking repo for secrets scanning
  ☆240Updated last year