The ZAP by Checkmarx Core project
-
Updated
Oct 7, 2024 - Java
The ZAP by Checkmarx Core project
⚙️ A curated list of dynamic analysis tools and linters for all programming languages, binaries, and more.
ZAP Add-ons
xAST评价体系,让安全工具不再“黑盒”. The xAST evaluation benchmark makes security tools no longer a "black box".
A GitHub Action for running the ZAP Baseline scan
A GitHub Action for running the ZAP Full scan
A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestration
SecHub provides a central API to test software with different security tools.
Runs a scan using Dastardly by Burp Suite against a target site and creates a JUnit XML report for the scan on completion.
OWASP PTK - application security browser extension.
Sasori is a dynamic web crawler powered by Puppeteer, designed for lightning-fast endpoint discovery.
The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters
Cake Fuzzer is a project that is meant to help automatically and continuously discover vulnerabilities in web applications created based on specific frameworks with very limited false positives.
⚡ Fast Web Security Scanner written in Rust based on Lua Scripts 🌖 🦀
The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters
Curated list of security tools
An implementation of infrastructure-as-code scanning using dynamic tooling.
Add a description, image, and links to the dast topic page so that developers can more easily learn about it.
To associate your repository with the dast topic, visit your repo's landing page and select "manage topics."