BulwarkAn organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
Stars: ✭ 113 (+32.94%)
Mutual labels: application-security, pentesting, bugbounty, appsec, vulnerability-assessment
WhatwebNext generation web scanner
Stars: ✭ 3,503 (+4021.18%)
Mutual labels: application-security, pentesting, appsec
nerdbugFull Nuclei automation script with logic explanation.
Stars: ✭ 153 (+80%)
Mutual labels: application-security, bugbounty, appsec
WatchdogWatchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.
Stars: ✭ 345 (+305.88%)
Mutual labels: application-security, bugbounty, vulnerability-assessment
Juice ShopOWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Stars: ✭ 6,270 (+7276.47%)
Mutual labels: application-security, pentesting, appsec
DirsearchWeb path scanner
Stars: ✭ 7,246 (+8424.71%)
Mutual labels: pentesting, bugbounty, appsec
Rfi Lfi Payload List🎯 RFI/LFI Payload List
Stars: ✭ 202 (+137.65%)
Mutual labels: application-security, bugbounty, appsec
WstgThe Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
Stars: ✭ 3,873 (+4456.47%)
Mutual labels: application-security, pentesting, bugbounty
www-project-zapOWASP Zed Attack Proxy project landing page.
Stars: ✭ 52 (-38.82%)
Mutual labels: appsec, vulnerability-assessment
Bucket-FlawsBucket Flaws ( S3 Bucket Mass Scanner ): A Simple Lightweight Script to Check for Common S3 Bucket Misconfigurations
Stars: ✭ 43 (-49.41%)
Mutual labels: application-security, bugbounty
juice-shopOWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Stars: ✭ 7,533 (+8762.35%)
Mutual labels: application-security, appsec
spring-boot-jwt-auth🔑 Sample Spring boot application secured using JWT auth in custom header(X-Auth-Token).
Stars: ✭ 57 (-32.94%)
Mutual labels: authorization, jwt-tokens
authz0🔑 Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.
Stars: ✭ 248 (+191.76%)
Mutual labels: authorization, bugbounty
AutorizeAutomatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests
Stars: ✭ 406 (+377.65%)
Mutual labels: authorization, application-security
sqlinjection-training-appA simple PHP application to learn SQL Injection detection and exploitation techniques.
Stars: ✭ 56 (-34.12%)
Mutual labels: application-security, appsec
Juice Shop CtfCapture-the-Flag (CTF) environment setup tools for OWASP Juice Shop
Stars: ✭ 238 (+180%)
Mutual labels: application-security, pentesting
vapivAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.
Stars: ✭ 674 (+692.94%)
Mutual labels: bugbounty, appsec
aquatoneA Tool for Domain Flyovers
Stars: ✭ 43 (-49.41%)
Mutual labels: bugbounty, appsec
juice-shop-ctfCapture-the-Flag (CTF) environment setup tools for OWASP Juice Shop supporting CTFd, FBCTF and RootTheBox
Stars: ✭ 287 (+237.65%)
Mutual labels: application-security, pentesting