zaproxy / zap-hud
The ZAP Heads Up Display (HUD)
☆253Updated last week
Related projects ⓘ
Alternatives and complementary repositories for zap-hud
- The Secure Coding Framework☆260Updated 4 years ago
- A tool geared towards pentesting APIs using OpenAPI definitions.☆168Updated 2 years ago
- OWASP Testing Guide☆110Updated 8 years ago
- ☆272Updated 3 years ago
- A simple web app that helps developers understand the ASVS requirements.☆154Updated 8 months ago
- Antora/Asciidoc content for Bjoern Kimminich's free eBook "Pwning OWASP Juice Shop"☆220Updated 3 weeks ago
- The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters☆98Updated 10 months ago
- The source of ZAP website☆64Updated this week
- ZAP Python API☆181Updated last week
- ZAP Add-ons☆836Updated this week
- A tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.☆553Updated last year
- Dr. Watson is a simple Burp Suite extension that helps find assets, keys, subdomains, IP addresses, and other useful information! It's yo…☆214Updated 5 years ago
- Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"☆345Updated 4 years ago
- The DevSecOps toolset for REST APIs☆270Updated last year
- Automate security tests using Burp Suite.☆223Updated 4 months ago
- a Damn Vulnerable Serverless Application☆534Updated last year
- REST/JSON API to the Burp Suite security tool.☆547Updated 5 months ago
- A script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated.☆482Updated last year
- OWASP Cloud Security - Enabling conversations through threat and control stories☆177Updated 5 years ago
- Cloud-related research releases from the Rhino Security Labs team.☆355Updated 4 years ago
- Damn Vulnerable Java (EE) Application☆130Updated 9 months ago
- drHEADer helps with the audit of security headers received in response to a single request or a list of requests.☆105Updated 2 weeks ago
- A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestrat…☆274Updated 2 weeks ago
- bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.☆511Updated last year
- A collection of ZAP scripts and tips provided by the community - pull requests very welcome!☆787Updated last week
- A handy DNS service written in Go to aid in the detection of several types of blind vulnerabilities. It monitors a pentester's server for…☆188Updated 4 years ago
- Methodology for high-quality web application security testing - https://github.com/tprynn/web-methodology/wiki☆203Updated last week
- ☆75Updated 2 years ago
- Imperva's customizable API attack tool takes an API specification as an input, generates and runs attacks that are based on it as an outp…☆457Updated last year
- Node application to help managing Maturity Models like the ones created by BSIMM and OpenSAMM☆187Updated 6 years ago