yacwagh / FAASTLinks
Prototype of Full Agentic Application Security Testing, FAAST = SAST + DAST + LLM agents
☆67Updated 9 months ago
Alternatives and similar repositories for FAAST
Users that are interested in FAAST are comparing it to the libraries listed below
Sorting:
- ☆101Updated this week
- A web security research tool for DOM testing☆24Updated this week
- This repository hosts several snippets and file related to the BsidesLV 2024 talk about Shadow and Zombie APIs by me☆18Updated last year
- Additional active scan checks for BURP☆28Updated last year
- Simple PoC for demonstrating Race Conditions on Websockets☆55Updated 2 years ago
- FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application a…☆165Updated 3 months ago
- Delving into the Realm of LLM Security: An Exploration of Offensive and Defensive Tools, Unveiling Their Present Capabilities.☆166Updated 2 years ago
- Verizon Burp Extensions: AI Suite☆142Updated 9 months ago
- An extension to use Semgrep inside Burp Suite.☆89Updated 8 months ago
- Encode and Fuzz Custom Protobuf Messages in Burp Suite☆36Updated 11 months ago
- A research project to add some brrrrrr to Burp☆197Updated 11 months ago
- AIHTTPAnalyzer revolutionizes web application security testing by bringing artificial intelligence capabilities to Burp Suite. This innov…☆27Updated 10 months ago
- ai-based domain name generation☆101Updated last year
- A set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard certificate in as simple a p…☆30Updated 2 months ago
- Bounty Prompt is an Open-Source Burp Suite extension by Bounty Security that leverages advanced AI via Burp AI and Groq AI. It enables us…☆113Updated 11 months ago
- A collection of Semgrep rules which followed security guidelines for .NET and Java.☆23Updated 4 years ago
- Manager of 14 third-party sources comprising approximately 4,000 Semgrep rules 🗂☆98Updated last month
- Cake Fuzzer is a project that is meant to help automatically and continuously discover vulnerabilities in web applications created based …☆105Updated 6 months ago
- A modular external attack surface mapping tool integrating tools for automated reconnaissance and bug bounty workflows.☆76Updated 10 months ago
- QRFuzz, a fuzzing toolkit to test malicious QR Codes in mobile applications☆46Updated last year
- Damn Vulnerable Browser Extension (DVBE), previously named as Badly Coded Browser Extension (BCBE), is an open-source vulnerable Chrome E…☆32Updated 11 months ago
- A collection of Turbo Intruder scripts.☆69Updated last year
- Community generated list of API security tests to find OWASP top10, HackerOne top 10 vulnerabilities☆41Updated this week
- Nuclei plugins to audit Chrome extensions☆65Updated last year
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams☆106Updated last year
- CSPTPlayground is an open-source playground to find and exploit Client-Side Path Traversal (CSPT).☆151Updated 10 months ago
- ☆182Updated last year
- ☆42Updated 2 months ago
- Blogpost series showcasing interesting cloud - web app security bugs☆49Updated 2 years ago
- Browser-based iOS IPA security analyzer.☆46Updated 3 weeks ago