zaproxy / zap-hud

Related projects ⓘ

Alternatives and complementary repositories for zap-hud

• OWASP / RiskAssessmentFramework
  The Secure Coding Framework
  ☆260Updated 4 years ago
• RhinoSecurityLabs / Swagger-EZ
  A tool geared towards pentesting APIs using OpenAPI definitions.
  ☆168Updated 2 years ago
• OWASP / OWASP-Testing-Guide
  OWASP Testing Guide
  ☆110Updated 8 years ago
• tomdev / teh_s3_bucketeers
  ☆272Updated 3 years ago
• Santandersecurityresearch / asvs
  A simple web app that helps developers understand the ASVS requirements.
  ☆154Updated 8 months ago
• juice-shop / pwning-juice-shop
  Antora/Asciidoc content for Bjoern Kimminich's free eBook "Pwning OWASP Juice Shop"
  ☆220Updated 3 weeks ago
• secdec / attack-surface-detector-burp
  The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters
  ☆98Updated 10 months ago
• zaproxy / zaproxy-website
  The source of ZAP website
  ☆64Updated this week
• zaproxy / zap-api-python
  ZAP Python API
  ☆181Updated last week
• zaproxy / zap-extensions
  ZAP Add-ons
  ☆836Updated this week
• nccgroup / tracy
  A tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.
  ☆553Updated last year
• prodigysml / Dr.-Watson
  Dr. Watson is a simple Burp Suite extension that helps find assets, keys, subdomains, IP addresses, and other useful information! It's yo…
  ☆214Updated 5 years ago
• doyensec / burpdeveltraining
  Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"
  ☆345Updated 4 years ago
• BBVA / apicheck
  The DevSecOps toolset for REST APIs
  ☆270Updated last year
• NetsOSS / headless-burp
  Automate security tests using Burp Suite.
  ☆223Updated 4 months ago
• OWASP / DVSA
  a Damn Vulnerable Serverless Application
  ☆534Updated last year
• vmware / burp-rest-api
  REST/JSON API to the Burp Suite security tool.
  ☆547Updated 5 months ago
• RhinoSecurityLabs / GCPBucketBrute
  A script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated.
  ☆482Updated last year
• owasp-cloud-security / owasp-cloud-security
  OWASP Cloud Security - Enabling conversations through threat and control stories
  ☆177Updated 5 years ago
• RhinoSecurityLabs / Cloud-Security-Research
  Cloud-related research releases from the Rhino Security Labs team.
  ☆355Updated 4 years ago
• appsecco / dvja
  Damn Vulnerable Java (EE) Application
  ☆130Updated 9 months ago
• Santandersecurityresearch / DrHeader
  drHEADer helps with the audit of security headers received in response to a single request or a list of requests.
  ☆105Updated 2 weeks ago
• we45 / ThreatPlaybook
  A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestrat…
  ☆274Updated 2 weeks ago
• LewisArdern / bXSS
  bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.
  ☆511Updated last year
• zaproxy / community-scripts
  A collection of ZAP scripts and tips provided by the community - pull requests very welcome!
  ☆787Updated last week
• allyomalley / dnsobserver
  A handy DNS service written in Go to aid in the detection of several types of blind vulnerabilities. It monitors a pentester's server for…
  ☆188Updated 4 years ago
• tprynn / web-methodology
  Methodology for high-quality web application security testing - https://github.com/tprynn/web-methodology/wiki
  ☆203Updated last week
• secdec / attack-surface-detector-cli
  ☆75Updated 2 years ago
• imperva / automatic-api-attack-tool
  Imperva's customizable API attack tool takes an API specification as an input, generates and runs attacks that are based on it as an outp…
  ☆457Updated last year
• OWASP / Maturity-Models
  Node application to help managing Maturity Models like the ones created by BSIMM and OpenSAMM
  ☆187Updated 6 years ago