OWASP ZAP is a dynamic application security testing tool and intercepting HTTP proxy used to find vulnerabilities in web applications. It functions as a penetration testing framework that enables both automated security scanning and manual security testing of running web services. The tool provides a suite of capabilities for analyzing web applications from the outside in, including the ability to capture and modify traffic between a browser and a target application. It is designed to integrate into DevSecOps pipelines to provide consistent security checks across different environments.
reconftw is an attack surface management framework and reconnaissance workflow orchestrator designed to automate the discovery, mapping, and monitoring of external digital assets. It operates as a modular tool-chain pipeline that coordinates a sequence of security tools to perform intelligence gathering and vulnerability scanning. The project distinguishes itself through a cloud-native deployment model that parallelizes scanning workloads across a fleet of remote VPS instances to bypass local resource constraints. It utilizes container-based environment isolation to ensure consistent executio
This project is a community-curated directory of open-source software designed for deployment in private server environments and home labs. It serves as a comprehensive resource for discovering independent, self-hosted alternatives to mainstream cloud services, enabling users to maintain full data ownership and control over their digital infrastructure. The directory is structured through a hierarchical taxonomy that organizes a vast collection of applications into logical categories, ranging from media management and data analytics to private communication and team productivity tools. It dis
Strix is an automated security research and vulnerability scanning platform that leverages language models to orchestrate complex security analysis tasks. It functions as a comprehensive framework for penetration testing and continuous security integration, allowing users to embed automated vulnerability research directly into development pipelines or execute it within isolated, containerized environments. The platform distinguishes itself through a multi-agent orchestration engine that coordinates specialized autonomous agents to perform parallel security assessments. By integrating LLM-agno
Este proyecto es un escáner de seguridad automatizado diseñado para identificar vulnerabilidades dentro de las capas de caché web. Funciona como una herramienta de seguridad del protocolo HTTP que sondea la infraestructura web manipulando encabezados de solicitud, parámetros y cookies para observar cómo los servidores manejan y almacenan el contenido.
Las características principales de hackmanit/web-cache-vulnerability-scanner son: Web Cache Poisoning, Cache Vulnerability Analyzers, HTTP Header Manipulators, Protocol, Security Testing Tools, Web Application Penetration Testing, Web Application Security Assessments, Traffic Proxying.
Las alternativas de código abierto para hackmanit/web-cache-vulnerability-scanner incluyen: zaproxy/zaproxy — OWASP ZAP is a dynamic application security testing tool and intercepting HTTP proxy used to find vulnerabilities in… six2dez/reconftw — reconftw is an attack surface management framework and reconnaissance workflow orchestrator designed to automate the… awesome-selfhosted/awesome-selfhosted — This project is a community-curated directory of open-source software designed for deployment in private server… usestrix/strix — Strix is an automated security research and vulnerability scanning platform that leverages language models to… dstotijn/hetty — Hetty is an HTTP intercepting proxy and web security research toolkit used to capture, inspect, and modify traffic… w-digital-scanner/w13scan — W13scan is an automated vulnerability assessment tool designed to identify security flaws in web applications through…