183 skills found · Page 1 of 7
projectdiscovery / NucleiNuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.
zaproxy / ZaproxyThe ZAP by Checkmarx Core project
m14r41 / PentestingEverythingComplete Solution for VAPT/AppSec and Pentesting Guide: Web | Mobile | API | Thick Client | Source Code Review | DevSecOps | Wireless | Network Pentesting | SAST | DAST etc...
analysis-tools-dev / Dynamic Analysis⚙️ A curated list of dynamic analysis tools and linters for all programming languages, binaries, and more.
zaproxy / Zap ExtensionsZAP Add-ons
zaproxy / Community ScriptsA collection of ZAP scripts and tips provided by the community - pull requests very welcome!
OWASP-Benchmark / BenchmarkJavaOWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web app written in Java, it supports analysis by Static (SAST), Dynamic (DAST), and Runtime (IAST) tools that support Java. The idea is that since it is fully runnable and all the vulnerabilities are actually exploitable, it’s a fair test for any kind of vulnerability detection tool. For more details on this project, please see the OWASP Benchmark Project home page.
FuzzingLabs / Fuzzforge AIAI-powered workflow automation and AI Agents platform for AppSec, Fuzzing & Offensive Security. Automate vulnerability discovery with intelligent fuzzing, AI-driven analysis, and a marketplace of security tools.
PortSwigger / BChecksBChecks collection for Burp Suite Professional and Burp Suite DAST
0x4D31 / BurpaBurp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).
alipay / Ant Application Security Testing BenchmarkxAST评价体系,让安全工具不再“黑盒”. The xAST evaluation benchmark makes security tools no longer a "black box".
wizardforcel / Think Dast Zh:book: [译] 数据结构思维
zaproxy / Action Full ScanA GitHub Action for running the ZAP Full scan
mercedes-benz / SechubSecHub provides a central API to test software with different security tools.
zaproxy / Action BaselineA GitHub Action for running the ZAP Baseline scan
Aur0ra-m / APIKillerAPI Security DAST & Oprations
OSTEsayed / OSTE Meta ScanThe OSTE meta scanner is a comprehensive web vulnerability scanner that combines multiple DAST scanners, including Nikto Scanner, ZAP, Nuclei, SkipFish, and Wapiti.
PortSwigger / Dastardly Github ActionRuns a scan using Dastardly by Burp Suite against a target site and creates a JUnit XML report for the scan on completion.
tristanlatr / BurpaBurp Automator - A Burp Suite Automation Tool. It provides a high level CLI and Python interfaces to Burp Suite scanner and can be used to setup Dynamic Application Security Testing (DAST).
we45 / ThreatPlaybookA unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestration
