Repository navigation

#

dast

projectdiscovery / nuclei 

Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.

cve-scannersubdomain-takeovernuclei-enginevulnerability-detectionvulnerability-assessmentvulnerability-scanner安全attack-surfacesecurity-scannerHacktoberfestdast
Go
22968
1 天前
zaproxy / zaproxy 

The ZAP by Checkmarx Core project

zapzap-developmentdastappseczaproxy安全security-scannerHacktoberfest
Java
13503
3 天前
analysis-tools-dev / dynamic-analysis 

⚙️ A curated list of dynamic analysis tools and linters for all programming languages, binaries, and more.

dynamicanalysisdynamic-analysisdast
Markdown
989
5 天前
zaproxy / zap-extensions 

ZAP Add-ons

zapzaproxydastappsec安全security-scannerHacktoberfest
HTML
864
2 天前
zaproxy / community-scripts 

A collection of ZAP scripts and tips provided by the community - pull requests very welcome!

appsecdastScripttipswebappseczaproxy
JavaScript
825
18 天前
alipay / ant-application-security-testing-benchmark 

xAST评价体系,让安全工具不再“黑盒”. The xAST evaluation benchmark makes security tools no longer a "black box".

applicationbenchmarkevaluation安全Testingdastiastsastsca
Java
384
19 天前
zaproxy / action-baseline 

A GitHub Action for running the ZAP Baseline scan

安全Actionsdevsecopsdast
JavaScript
326
5 个月前
zaproxy / action-full-scan 

A GitHub Action for running the ZAP Full scan

安全devsecopsActionsdast
JavaScript
304
5 个月前
mercedes-benz / sechub 

SecHub provides a central API to test software with different security tools.

安全orchestrationAPIclientServersecdevopsvulnerability-scannerssecurity-scannerdastsastappsec持续集成REST APIbuildKubernetessecurity-automationsecurity-testing
Java
301
2 天前
PortSwigger / dastardly-github-action 

Runs a scan using Dastardly by Burp Suite against a target site and creates a JUnit XML report for the scan on completion.

自动化dast安全devsecops
Dockerfile
288
9 个月前
we45 / ThreatPlaybook 

A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestration

devsecopsapplication-securitysastdastPython
Python
279
23 天前
DenisPodgurskii / pentestkit 

OWASP PTK - application security browser extension.

dastJSON Web Tokensjwt-securityowasp安全sqlinjectionxssxss-exploitation
JavaScript
143
3 个月前
karthikuj / sasori 

Sasori is a dynamic web crawler powered by Puppeteer, designed for lightning-fast endpoint discovery.

爬虫crawlingendpoint-discoveryPuppeteerscraping安全自动化dynamicdastCybersecurity
JavaScript
140
9 个月前
cerberauth / vulnapi 

API Security Vulnerability Scanner designed to help you secure your APIs.

JSON Web Tokensvulnerability-scannersCybersecuritydastGraphQLOpenAPI Specificationsecurity-scanner安全api-securityapi-testingAuthenticationauthorizationowasp-top-10api-security-testing
Go
129
7 天前
hahwul / mzap 

⚡️ Multiple target ZAP Scanning

Bug BountyHacking安全dastzaproxy
Go
104
1 年前
secdec / attack-surface-detector-burp 

The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters

dast安全pentestingvulnerability
Java
102
1 年前
Zigrin-Security / CakeFuzzer 

Cake Fuzzer is a project that is meant to help automatically and continuously discover vulnerabilities in web applications created based on specific frameworks with very limited false positives.

CybersecurityHackingiastdastsast
Python
98
1 年前
sidd-harth / kubernetes-devops-security 

Udemy Course on DevSecOps

dastDevOpsdevsecopsDockeristioJenkinsKubernetesNode.jssastsonarqubeSpring Boottrivy
Java
89
8 个月前
CyAxe / lotus 

⚡ Fast Web Security Scanner written in Rust based on Lua Scripts 🌖 🦀

自动化Rust安全devsecopsdast
Rust
84
4 个月前
projectdiscovery / fuzzing-templates 

Community curated list of nuclei templates for finding "unknown" security vulnerabilities.

dastFuzzing/Fuzz testingAPI安全nuclei
65
1 年前