Alternatives and similar repositories for cstc

Users that are interested in cstc are comparing it to the libraries listed below

• mschwager / route-detect
  Find authentication (authn) and authorization (authz) security bugs in web application routes.
  ☆261Updated 2 months ago
• usdAG / FlowMate
  FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application a…
  ☆159Updated 6 months ago
• cybervelia / graphicator
  A GraphQL enumeration and extraction tool
  ☆131Updated 2 years ago
• 0xC01DF00D / Collabfiltrator
  Exfiltrate blind Remote Code Execution and SQL injection output over DNS via Burp Collaborator.
  ☆267Updated 4 months ago
• elttam / semgrep-rules
  ☆193Updated 6 months ago
• PortSwigger / autowasp
  BurpSuite Extension: A one-stop pen testing checklist and logger tool
  ☆266Updated 2 years ago
• Static-Flow / BurpSuite-Team-Extension
  This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes …
  ☆259Updated 2 years ago
• nccgroup / CollaboratorPlusPlus
  ☆148Updated 3 years ago
• secdec / attack-surface-detector-cli
  ☆80Updated 3 years ago
• akabe1 / OAUTHScan
  Burp Suite Extension useful to verify OAUTHv2 and OpenID security
  ☆173Updated 7 months ago
• trickest / find-gh-poc
  Find CVE PoCs on GitHub
  ☆148Updated last year
• The-Login / DNS-Reset-Checker
  Tools to assess the DNS security of web applications
  ☆128Updated 2 years ago
• yeswehack / pp-finder
  PP-finder Help you find gadget for prototype pollution exploitation
  ☆162Updated 9 months ago
• GoSecure / xxe-workshop
  Workshop given at Hack in Paris 2019
  ☆122Updated last year
• mandiant / heyserial
  Programmatically create hunting rules for deserialization exploitation with multiple keywords, gadget chains, object types, encodings, an…
  ☆142Updated 2 years ago
• nccgroup / GTFOBLookup
  Offline command line lookup utility for GTFOBins (https://github.com/GTFOBins/GTFOBins.github.io), LOLBAS (https://github.com/LOLBAS-Proj…
  ☆280Updated last year
• NotSoSecure / cloud-service-enum
  ☆249Updated 11 months ago
• wallarm / jwt-heartbreaker
  The Burp extension to check JWT (JSON Web Tokens) for using keys from known from public sources
  ☆130Updated 4 years ago
• snyk / socketsleuth
  Burp Extension to add additional functionality for pentesting websocket based applications
  ☆94Updated 11 months ago
• srini0x00 / dvta
  Damn Vulnerable Thick Client App developed in C# .NET
  ☆154Updated last year
• d0ge / sign-saboteur
  SignSaboteur is a Burp Suite extension for editing, signing, verifying various signed web tokens
  ☆159Updated 6 months ago
• forcesunseen / graphquail
  Burp Suite extension that offers a toolkit for testing GraphQL endpoints.
  ☆191Updated 9 months ago
• h4wkst3r / SCMKit
  Source Code Management Attack Toolkit
  ☆219Updated 2 years ago
• Brum3ns / firefly
  Black box fuzzer for web applications
  ☆426Updated 10 months ago
• qtc-de / beanshooter
  JMX enumeration and attacking tool.
  ☆440Updated 2 months ago
• intruder-io / guidtool
  A tool to inspect and attack version 1 GUIDs
  ☆221Updated 2 years ago
• CoreyD97 / Stepper
  A natural evolution of Burp Suite's Repeater tool
  ☆199Updated last year
• putsi / privatecollaborator
  A script for installing private Burp Collaborator with free Let's Encrypt SSL-certificate
  ☆209Updated 11 months ago
• pry0cc / proteus
  A projectdiscovery driven attack surface monitoring bot powered by axiom
  ☆183Updated 2 years ago
• rkhal101 / nmapAutomator
  A script that you can run in the background!
  ☆175Updated 5 years ago