Njsscan
njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.
Stars: ✭ 128 (+245.95%)
Mutual labels: devsecops, appsec
Dependency Track
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
Stars: ✭ 718 (+1840.54%)
Mutual labels: devsecops, appsec
Purify
All-in-one tool for managing vulnerability reports from AppSec pipelines
Stars: ✭ 72 (+94.59%)
Mutual labels: devsecops, appsec
Sbt Dependency Check
SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈
Stars: ✭ 187 (+405.41%)
Mutual labels: devsecops, appsec
Sast Scan
Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependencies. CI and Git friendly.
Stars: ✭ 234 (+532.43%)
Mutual labels: devsecops, appsec
Application Security Engineer Interview Questions
Some of the questions which I was asked when I was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but I felt these questions were important to be asked and some were challenging to answer
Stars: ✭ 267 (+621.62%)
Mutual labels: devsecops, appsec
awesome-policy-as-code
A curated list of policy-as-code resources like blogs, videos, and tools to practice on for learning Policy-as-Code.
Stars: ✭ 121 (+227.03%)
Mutual labels: appsec, devsecops
Awesome Threat Modelling
A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on) for learning Threat modeling and initial phases of security review.
Stars: ✭ 319 (+762.16%)
Mutual labels: devsecops, appsec
Www Community
OWASP Community Pages are a place where OWASP can accept community contributions for security-related content.
Stars: ✭ 409 (+1005.41%)
Mutual labels: appsec
Dirsearch
Web path scanner
Stars: ✭ 7,246 (+19483.78%)
Mutual labels: appsec
Threatmapper
Identify vulnerabilities in running containers, images, hosts and repositories
Stars: ✭ 361 (+875.68%)
Mutual labels: devsecops
Glue
Application Security Automation
Stars: ✭ 412 (+1013.51%)
Mutual labels: devsecops
Kamus
An open source, git-ops, zero-trust secret encryption and decryption solution for Kubernetes applications
Stars: ✭ 694 (+1775.68%)
Mutual labels: appsec
Race The Web
Tests for race conditions in web applications. Includes a RESTful API to integrate into a continuous integration pipeline.
Stars: ✭ 385 (+940.54%)
Mutual labels: appsec
Cmsscan
CMS Scanner: Scan Wordpress, Drupal, Joomla, vBulletin websites for Security issues
Stars: ✭ 775 (+1994.59%)
Mutual labels: devsecops
W3af
w3af: web application attack and audit framework, the open source web vulnerability scanner.
Stars: ✭ 3,804 (+10181.08%)
Mutual labels: appsec
Awesome Php Security
Awesome PHP Security Resources 🕶🐘🔐
Stars: ✭ 666 (+1700%)
Mutual labels: devsecops
Kube Scan
kube-scan: Octarine k8s cluster risk assessment tool
Stars: ✭ 566 (+1429.73%)
Mutual labels: devsecops
Owasp Vwad
The OWASP Vulnerable Web Applications Directory project (VWAD) is a comprehensive and well maintained registry of all known vulnerable web applications currently available.
Stars: ✭ 487 (+1216.22%)
Mutual labels: appsec