Top 71 appsec open source projects

Integrates OWASP Zed Attack Proxy reports into SonarQube

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

Additional Resources For Securing The Stack Tutorials

In progress rough solutions to bWAPP / bee-box

OWASP Code Review Guide Web Repository

Sample scan files for testing DefectDojo imports

CryptoNice is both a command line tool and library which provides the ability to scan and report on the configuration of SSL/TLS for your internet or internal facing web services. Built using the sslyze API and ssl, http-client and dns libraries, cryptonice collects data on a given domain and performs a series of tests to check TLS configuration…

Oversecured Vulnerable iOS App

This repository contains links to awesome security articles.

A simple Java command-line utility to mirror the entire contents of VulnDB.

In my computer security courses I make extensive usage of cheatsheets for various tools and extra materials to complement the student learning if they are willing to do so. I have decided to share them to enable others to take advantage of them