Repositories list

• attack-surface-detector-burp

  Public
  The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters

  securityvulnerabilitypentesting+ 1

  securityvulnerabilitypentestingdast

  Java

  •

  Mozilla Public License 2.0

  •3333 forks•112112 stars•44 issues•22 pull requests•Updated Dec 17, 2023Dec 17, 2023

• attack-surface-detector-zap

  Public
  The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters

  securityvulnerabilitypentesting+ 1

  securityvulnerabilitypentestingdast

  Java

  •

  Mozilla Public License 2.0

  •1515 forks•6767 stars•33 issues•11 pull request•Updated Apr 11, 2023Apr 11, 2023

• astam-correlator

  Public
  Vulnerability consolidation and management tool, enhances scan results by merging different findings of the same weakness across multiple static/dynamic scans

  securityvulnerabilitypentesting+ 3

  securityvulnerabilitypentestingsastdastvulnerability-consolidation

  Java

  •

  Mozilla Public License 2.0

  •99 forks•2424 stars•00 issues•1313 pull requests•Updated Dec 16, 2022Dec 16, 2022

• xssmap

  Public
  Intelligent XSS detection tool that uses human techniques for looking for reflected cross-site scripting (XSS) vulnerabilities

  securityattackxss+ 6

  securityattackxsspentestingxss-scannersecurity-scannersecurity-automationsecurity-toolsreflected-xss-vulnerabilities

  Python

  •

  Apache License 2.0

  •3131 forks•151151 stars•33 issues•44 pull requests•Updated Dec 7, 2022Dec 7, 2022

• pen-test-automation

  Public
  A framework for automating penetration testing using a plugin based architecture

  securitycontinuous-integrationsecurity-tools+ 1

  securitycontinuous-integrationsecurity-toolspenetration-testing-framework

  Java

  •

  Apache License 2.0

  •1919 forks•4242 stars•00 issues•44 pull requests•Updated May 20, 2022May 20, 2022

• attack-surface-detector-cli

  Public
  Java

  •

  Mozilla Public License 2.0

  •1717 forks•8888 stars•22 issues•11 pull request•Updated Mar 16, 2022Mar 16, 2022

• adapt

  Public
  ADAPT is a tool that performs automated Penetration Testing for WebApps.

  pythonsecurityautomation+ 1

  pythonsecurityautomationvulnerability

  Python

  •

  Apache License 2.0

  •5151 forks•193193 stars•66 issues•00 pull requests•Updated Sep 24, 2019Sep 24, 2019

• DARPA007-regression

  Public
  Known content to validate predictor scripts

  00 forks•11 star•00 issues•00 pull requests•Updated Mar 18, 2019Mar 18, 2019

• threat-vector-questionnaire

  Public
  A Threat generation module that can leverage software requirements to generate threats.

  Java

  •

  Apache License 2.0

  •22 forks•22 stars•00 issues•00 pull requests•Updated Jan 14, 2019Jan 14, 2019

• codepulse-project

  Public
  Apache License 2.0

  •00 forks•00 stars•00 issues•00 pull requests•Updated Jun 6, 2018Jun 6, 2018

• cqf-ce

  Public
  A framework designed to abstract away the virtualization details of setting up an automated environment

  securitydevopscontinuous-integration+ 3

  securitydevopscontinuous-integrationthreat-modelingcyber-securityattack-modeling

  Java

  •

  Apache License 2.0

  •00 forks•33 stars•00 issues•00 pull requests•Updated Jan 16, 2018Jan 16, 2018

• dotcms-benchmark

  Public
  Vagrant configuration to setup vulnerable versions of dotCMS for security testing

  securitybenchmarkpenetration-testing+ 3

  securitybenchmarkpenetration-testingbenchmarkspentestingpentest-tool

  Shell

  •11 fork•22 stars•00 issues•00 pull requests•Updated Dec 22, 2017Dec 22, 2017

• esm-7

  Public
  Convenience wrapper around the sqlmap SQL injection tool to help with automation

  securityattackpenetration-testing+ 7

  securityattackpenetration-testingsqlisql-injectionpentestingsqli-vulnerability-scannersecurity-scannersqlinjectionsql-injection-attacks

  Shell

  •

  Apache License 2.0

  •22 forks•33 stars•00 issues•00 pull requests•Updated Dec 15, 2017Dec 15, 2017

• crydra-16

  Public
  Convenience wrapper around the Hydra brute force password cracking tool to help with automation

  securityattackhydra+ 7

  securityattackhydrapenetration-testingbrute-forcepentestingsecurity-scannersecurity-automationsecurity-toolsbrute-force-passwords

  Shell

  •

  Apache License 2.0

  •33 forks•88 stars•00 issues•00 pull requests•Updated Dec 13, 2017Dec 13, 2017