zaproxy / zap-hudLinks
The ZAP Heads Up Display (HUD)
☆274Updated last month
Alternatives and similar repositories for zap-hud
Users that are interested in zap-hud are comparing it to the libraries listed below
Sorting:
- Antora/Asciidoc content for Bjoern Kimminich's free eBook "Pwning OWASP Juice Shop"☆232Updated this week
- The Secure Coding Framework☆271Updated 5 years ago
- The DevSecOps toolset for REST APIs☆278Updated 3 years ago
- Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"☆357Updated 5 years ago
- This repo is no longer in use. Please refer to https://github.com/OWASP/www-project-vulnerable-web-applications-directory☆883Updated last month
- A tool geared towards pentesting APIs using OpenAPI definitions.☆186Updated 3 years ago
- Imperva's customizable API attack tool takes an API specification as an input, generates and runs attacks that are based on it as an outp…☆491Updated 2 years ago
- A simple web app that helps developers understand the ASVS requirements. Now supporting ASVS 5.0☆163Updated 2 months ago
- A collection of ZAP scripts and tips provided by the community - pull requests very welcome!☆867Updated last week
- ZAP Add-ons☆915Updated this week
- a Damn Vulnerable Serverless Application☆544Updated 2 years ago
- bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.☆564Updated 2 years ago
- OWASP SecurityRAT (version 1.x) - Tool for handling security requirements in development☆186Updated 5 months ago
- The Pixi module is a MEAN Stack web app with wildly insecure APIs!☆132Updated 3 years ago
- These are the regexes that power truffleHog☆225Updated 3 years ago
- A tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.☆558Updated 2 years ago
- drHEADer helps with the audit of security headers received in response to a single request or a list of requests.☆112Updated last year
- ☆276Updated 4 years ago
- A script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated.☆553Updated 2 years ago
- A simple tool for interacting with OWASP ZAP from the commandline.☆257Updated 2 years ago
- ☆173Updated 3 years ago
- Automated security reporting from markdown templates (HackerOne and Bugcrowd are currently the platforms supported)☆459Updated 6 years ago
- OWASP Testing Guide☆111Updated 10 years ago
- An automation framework for running multiple open sourced subdomain bruteforcing tools (in parallel) using your own wordlists via Docker …☆260Updated 4 years ago
- Dr. Watson is a simple Burp Suite extension that helps find assets, keys, subdomains, IP addresses, and other useful information! It's yo…☆218Updated 6 years ago
- Methodology for high-quality web application security testing - https://github.com/tprynn/web-methodology/wiki☆212Updated last year
- Fuzzapi is a tool used for REST API pentesting and uses API_Fuzzer gem☆669Updated 4 years ago
- A starter secure code review checklist☆184Updated 7 years ago
- ☆124Updated 2 years ago
- 🏰 A Python script for AWS S3 bucket enumeration.☆145Updated 3 years ago