Alternatives and similar repositories for zaproxy

Users that are interested in zaproxy are comparing it to the libraries listed below

• andresriancho / w3af
  w3af: web application attack and audit framework, the open source web vulnerability scanner.
  ☆4,738Updated 2 years ago
• sullo / nikto
  Nikto web server scanner
  ☆9,435Updated this week
• Arachni / arachni
  Web Application Security Scanner Framework
  ☆3,924Updated last month
• urbanadventurer / WhatWeb
  Next generation web scanner
  ☆5,956Updated 11 months ago
• greenbone / openvas-scanner
  This repository contains the scanner component for Greenbone Community Edition.
  ☆3,941Updated this week
• beefproject / beef
  The Browser Exploitation Framework Project
  ☆10,302Updated this week
• xmendez / wfuzz
  Web application fuzzer
  ☆6,220Updated 10 months ago
• digininja / DVWA
  Damn Vulnerable Web Application (DVWA)
  ☆11,444Updated 3 weeks ago
• sqlmapproject / sqlmap
  Automatic SQL injection and database takeover tool
  ☆34,716Updated this week
• infobyte / faraday
  Open Source Vulnerability Management Platform
  ☆5,519Updated last month
• WebGoat / WebGoat
  WebGoat is a deliberately insecure application
  ☆7,601Updated 2 weeks ago
• OWASP / Top10
  Official OWASP Top 10 Document Repository
  ☆4,665Updated 7 months ago
• wpscanteam / wpscan
  WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websit…
  ☆9,095Updated 3 weeks ago
• rapid7 / metasploit-framework
  Metasploit Framework
  ☆35,888Updated this week
• offensive-security / exploitdb
  The legacy Exploit Database repository - New repo located at https://gitlab.com/exploit-database/exploitdb
  ☆7,794Updated 2 years ago
• fuzzdb-project / fuzzdb
  Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
  ☆8,579Updated last year
• owasp-modsecurity / ModSecurity
  ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. It has a robust event-base…
  ☆8,985Updated last week
• projectdiscovery / subfinder
  Fast passive subdomain enumeration tool.
  ☆11,952Updated 2 weeks ago
• owasp-amass / amass
  In-depth attack surface mapping and asset discovery
  ☆13,228Updated this week
• rapid7 / metasploitable3
  Metasploitable3 is a VM that is built from the ground up with a large amount of security vulnerabilities.
  ☆5,111Updated 5 months ago
• OJ / gobuster
  Directory/File, DNS and VHost busting tool written in Go
  ☆12,142Updated last week
• RetireJS / retire.js
  scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.
  ☆3,885Updated 2 weeks ago
• michenriksen / gitrob
  Reconnaissance tool for GitHub organizations
  ☆6,043Updated 2 years ago
• michenriksen / aquatone
  A Tool for Domain Flyovers
  ☆5,790Updated 3 years ago
• ffuf / ffuf
  Fast web fuzzer written in Go
  ☆14,253Updated 2 months ago
• EnableSecurity / wafw00f
  WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
  ☆5,744Updated 6 months ago
• commixproject / commix
  Automated All-in-One OS Command Injection Exploitation Tool.
  ☆5,327Updated this week
• OWASP / Nettacker
  Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management
  ☆4,318Updated this week
• guardicore / monkey
  Infection Monkey - An open-source adversary emulation platform
  ☆6,821Updated 2 months ago
• flipkart-incubator / Astra
  Automated Security Testing For REST API's
  ☆2,592Updated last year