Added ACSTIS to Web Scanning

ACSTIS enables automated client-side template injection (sandbox escape/bypass) detection for AngularJS.
This commit is contained in:
Tijme Gommers 2017-10-25 17:02:39 +02:00 committed by GitHub
parent 5088425d6c
commit 4539d14e4d

View file

@ -234,6 +234,7 @@ Thanks to all [contributors](https://github.com/sbilly/awesome-security/graphs/c
- [w3af](http://w3af.org/) - w3af is a Web Application Attack and Audit Framework. The projects goal is to create a framework to help you secure your web applications by finding and exploiting all web application vulnerabilities. - [w3af](http://w3af.org/) - w3af is a Web Application Attack and Audit Framework. The projects goal is to create a framework to help you secure your web applications by finding and exploiting all web application vulnerabilities.
- [Recon-ng](https://bitbucket.org/LaNMaSteR53/recon-ng) - Recon-ng is a full-featured Web Reconnaissance framework written in Python. Recon-ng has a look and feel similar to the Metasploit Framework. - [Recon-ng](https://bitbucket.org/LaNMaSteR53/recon-ng) - Recon-ng is a full-featured Web Reconnaissance framework written in Python. Recon-ng has a look and feel similar to the Metasploit Framework.
- [PTF](https://github.com/trustedsec/ptf) - The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools. - [PTF](https://github.com/trustedsec/ptf) - The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.
- [ACSTIS](https://github.com/tijme/angularjs-csti-scanner) - ACSTIS helps you to scan certain web applications for AngularJS Client-Side Template Injection (sometimes referred to as CSTI, sandbox escape or sandbox bypass). It supports scanning a single request but also crawling the entire web application for the AngularJS CSTI vulnerability.
### Runtime Application Self-Protection ### Runtime Application Self-Protection