Alternatives and similar repositories for OWASP-Testing-Guide-v5:

Users that are interested in OWASP-Testing-Guide-v5 are comparing it to the libraries listed below

• secdec / attack-surface-detector-burp
  The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters
  ☆101Updated last year
• rinetd / BurpSuite-1
  BurpSuite using the document and some extensions
  ☆68Updated 4 years ago
• GoSecure / xxe-workshop
  Workshop given at Hack in Paris 2019
  ☆121Updated last year
• yogisec / VulnerableSAMLApp
  Vulnerable SAML infrastructure training applicaiton
  ☆51Updated 2 years ago
• BBhacKing / jwt_secrets
  A list of "secrets" from JWT sample code and readme files.
  ☆54Updated 4 years ago
• codewatchorg / Burp-UserAgent
  Automatically modify the User-Agent header in all Burp requests
  ☆55Updated 7 years ago
• chennylmf / OWASP-Web-App-Pentesting-checklists
  ☆71Updated 4 years ago
• InsiderPhD / Arjun
  HTTP parameter discovery suite.
  ☆61Updated 4 years ago
• secdec / attack-surface-detector-cli
  ☆80Updated 3 years ago
• ptswarm / ptswarm-twitter
  ☆76Updated 4 years ago
• david3107 / graphql-security-labs
  GraphQL security workshop labs
  ☆102Updated 8 months ago
• w4fz5uck5 / OSWE
  OSWE Preparation
  ☆37Updated 5 years ago
• incogbyte / jsearch
  ☆29Updated 3 years ago
• shelld3v / aquatone
  A Tool for Domain Flyovers
  ☆100Updated 4 months ago
• nahamsec / SundayStreams
  Data from my Sunday streams
  ☆74Updated 5 years ago
• botesjuan / PenTestMethodology
  Penetration Test Methodology
  ☆15Updated this week
• ZephrFish / Wordlists
  Various Payload wordlists
  ☆235Updated 4 years ago
• hahwul / XSS-Payload-without-Anything
  XSS Payload without Anything.
  ☆103Updated 5 years ago
• JGillam / burp-paramalyzer
  Paramalyzer - Burp extension for parameter analysis of large-scale web application penetration tests.
  ☆154Updated last week
• th3hack3rwiz / Lazy-FuzzZ
  Sometimes we want to fuzz a set of sub-domain URLs with a common wordlist. Fuzzing them one by one is a tedious task, not to mention the …
  ☆51Updated 3 years ago
• 21y4d / blindSQLi
  A python based blind SQL injection exploitation script
  ☆136Updated 5 years ago
• k3nundrum / CRTP
  Notes for CRTP
  ☆40Updated 4 years ago
• TROUBLE-1 / White-box-pentesting
  This lab is created to demonstrate pass-the-hash, blind sql and SSTI vulnerabilities
  ☆90Updated last year
• DFC302 / BugBountyTemplate
  A simple Cherry Tree template that can be used to organize bug bounties
  ☆37Updated 5 years ago
• RhinoSecurityLabs / Swagger-EZ
  A tool geared towards pentesting APIs using OpenAPI definitions.
  ☆174Updated 2 years ago
• appsecco / practical-recon-levelup0x02
  This repository contains all the material from the talk "Practical recon techniques for bug hunters & pentesters" given at Bugcrowd Level…
  ☆60Updated 6 years ago
• BuffaloWill / burpsuite-project-file-parser
  A Burp Suite Extension for parsing Project Files from the CLI.
  ☆87Updated 6 months ago
• jhaddix / lazyrecon
  This script is intended to automate your reconnaissance process in an organized fashion
  ☆39Updated 7 years ago
• GovTech-CSG / Autowasp
  BurpSuite Extension: A one-stop pen testing checklist and logger tool
  ☆75Updated 2 years ago
• jorritfolmer / vulnerable-api
  Enhanced fork with logging, OpenAPI 3.0 and Python 3 for security monitoring workshops
  ☆42Updated last year