Astra
zap-cli
Astra | zap-cli | |
---|---|---|
2 | 1 | |
2,434 | 225 | |
0.8% | - | |
0.0 | 0.0 | |
9 days ago | almost 1 year ago | |
Python | Python | |
Apache License 2.0 | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Astra
-
Good tools for security testing after authentication?
I want to work through testing scenarios where a malicious user has valid login info and is trying to expose other users' data. Are there any good tools for testing that? I found Astra but it looks like it hasn't been updated in years. Any tutorials or guides would also be much appreciated. Thanks!
- 5 API testing tools
zap-cli
-
Automated Pen Testing With ZAP CLI
ZAP contains an API for controlling ZAP. The ZAP CLI tool is a tool which wraps the API in order that commands can be executed via the command line. In this section, you basically will perform the same or similar actions as in the previous post, except that you will not use the ZAP Desktop this time. A complete list of the commands of ZAP CLI can be found at the GitHub website.
What are some alternatives?
ripme - Downloads albums in bulk
owasp-masvs - The OWASP MASVS (Mobile Application Security Verification Standard) is the industry standard for mobile app security.
gistyc - A Python based GitHub GIST management tool
MyZedAttackProxyPlanet
fsociety - fsociety Hacking Tools Pack – A Penetration Testing Framework
FDsploit - File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
automatic-api-attack-tool - Imperva's customizable API attack tool takes an API specification as an input, generates and runs attacks that are based on it as an output.
faraday - Open Source Vulnerability Management Platform
crapi - A simple API client with built-in segment/header proxy support.
hawk - INACTIVE - HTTP Holder-Of-Key Authentication Scheme
turbinia - Automation and Scaling of Digital Forensics Tools