Alternatives and similar repositories for validation-benchmarks

Users that are interested in validation-benchmarks are comparing it to the libraries listed below

• elttam / semgrep-rules
  ☆196Updated 8 months ago
• dhammon / ai-goat
  Learn AI security through a series of vulnerable LLM CTF challenges. No sign ups, no cloud fees, run everything locally on your system.
  ☆290Updated 10 months ago
• bahruzjabiyev / t-reqs
  Grammar-based HTTP/1 fuzzer with mutation ability
  ☆253Updated 8 months ago
• faizann24 / rogue
  Automated web vulnerability scanning with LLM agents
  ☆332Updated 3 weeks ago
• GitHubSecurityLab / codeql-zero-to-hero
  CodeQL zero to hero blog post series challenges
  ☆129Updated 2 weeks ago
• iosifache / semgrep-rules-manager
  Manager of third-party sources of Semgrep rules 🗂
  ☆87Updated 11 months ago
• ElectrovoltSec / HackBench
  How effective are LLMs in identifying and exploiting security vulnerabilities?
  ☆55Updated 4 months ago
• faizann24 / baby-naptime
  A very simple open source implementation of Google's Project Naptime
  ☆159Updated 3 months ago
• KTH-LangSec / silent-spring
  Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js
  ☆68Updated last year
• mschwager / route-detect
  Find authentication (authn) and authorization (authz) security bugs in web application routes.
  ☆270Updated 4 months ago
• tuannq2299 / semgrep-rules
  A collection of Semgrep rules which followed security guidelines for .NET and Java.
  ☆23Updated 3 years ago
• SoheilKhodayari / TheThing
  TheThing: an open-source tool to detect DOM Clobbering vulnerabilities
  ☆50Updated last year
• KTH-LangSec / server-side-prototype-pollution
  A collection of Server-Side Prototype Pollution gadgets and exploits
  ☆193Updated 5 months ago
• Orange-Cyberdefense / grepmarx
  A source code static analysis platform for AppSec enthusiasts.
  ☆253Updated 4 months ago
• msrkp / MXSS
  Awesome MXSS ??
  ☆52Updated 9 months ago
• Brum3ns / firefly
  Black box fuzzer for web applications
  ☆427Updated 2 weeks ago
• doyensec / PESD-Exporter-Extension
  PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams
  ☆105Updated 5 months ago
• google / protobuf-extensibility-for-burp
  ☆86Updated last year
• SoheilKhodayari / JAW
  JAW: A Graph-based Security Analysis Framework for Client-side JavaScript
  ☆108Updated 7 months ago
• epi052 / feroxfuzz
  A structure-aware HTTP fuzzing library
  ☆213Updated 7 months ago
• mnns / LLMFuzzer
  🧠 LLMFuzzer - Fuzzing Framework for Large Language Models 🧠 LLMFuzzer is the first open-source fuzzing framework specifically designed …
  ☆286Updated last year
• xscorp / jsmug
  A PoC code for JSON Smuggling technique to smuggle arbitrary files through JSON
  ☆113Updated last year
• nxenon / h2spacex
  HTTP/2 Last Frame Synchronization (also known as Single Packet Attack) low Level Library / Tool based on Scapy‌ + Exploit Timing Attacks
  ☆182Updated last month
• yeswehack / pp-finder
  PP-finder Help you find gadget for prototype pollution exploitation
  ☆165Updated 11 months ago
• ngalongc / AuthzAI
  ☆177Updated 8 months ago
• nikitastupin / pwnhub
  How GitHub Actions workflows can be hacked
  ☆162Updated 10 months ago
• usdAG / FlowMate
  FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application a…
  ☆162Updated 8 months ago
• alexdevassy / Machine_Learning_CTF_Challenges
  CTF challenges designed and implemented in machine learning applications
  ☆158Updated 10 months ago
• cyproxio / mcp-for-security
  MCP for Security: A collection of Model Context Protocol servers for popular security tools like SQLMap, FFUF, NMAP, Masscan and more. In…
  ☆294Updated this week
• yacwagh / FAAST
  Prototype of Full Agentic Application Security Testing, FAAST = SAST + DAST + LLM agents
  ☆57Updated 2 months ago