AI-powered workflow automation and AI Agents platform for AppSec, Fuzzing & Offensive Security. Automate vulnerability discovery with intelligent fuzzing, AI-driven analysis, and a marketplace of security tools.

A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestration

Cake Fuzzer is a project that is meant to help automatically and continuously discover vulnerabilities in web applications created based on specific frameworks with very limited false positives.

Security tools report parsers for Faradaysec.com

Sample Python script for automating WebInspect scans and pushing results to SSC

Probely's GitHub Action

DAST scanner(http headers, https enforcement, cookie security, TLS/SSl analysis) . Security purposes only

(in)secure git workshop 🔓+🔑 = 🔐

Automatic DevSecOps builder

Suite of web browser fuzzing tools aimed at optimising code coverage. Test case generation from a built-in Context-Free Grammar, mutation fuzzing from a corpus of scraped web pages, DOM fuzzing and more.

Comprehensive security scanner for Model Context Protocol (MCP) servers

Tool for automated scanning of the common vulnerabilities of company subdomains

Automated Security testing using ZAP Python API. This can be used with any functional UI automation tool.

Exemplo de workflow de segurança que realiza testes SAST, SCA, Secrets Scan e IaC Scan via GitHub Actions utilizando ferramentas open source.

SOOS DAST Scanning - Register for a Free Trial at https://app.soos.io/register

A demo security vault application, for training and experimenting with OWASP and security tools.

Open Redirect Hunter is a Burp Suite extension designed to automatically detect open redirect vulnerabilities in web applications.

This DAST project is designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

Cross-platform test harness that assists the user in searching for vulnerabilities in web browsers, specifically by fuzzing their font parsing functionality.

Tests dynamiques de sécurité (DAST) sous OWASP Zap avec authentification via JWT/bearer token (OpenID Connect/OAuth & Kong)