Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer

Stars: ✭ 267 (+132.17%)

Mutual labels: appsec, application-security

Www Community

OWASP Community Pages are a place where OWASP can accept community contributions for security-related content.

Stars: ✭ 409 (+255.65%)

Mutual labels: owasp, appsec

sqlinjection-training-app

A simple PHP application to learn SQL Injection detection and exploitation techniques.

Stars: ✭ 56 (-51.3%)

Mutual labels: application-security, appsec

Dependency Check Sonar Plugin

Integrates Dependency-Check reports into SonarQube

Stars: ✭ 332 (+188.7%)

Mutual labels: owasp, appsec

Awesome Appsec

A curated list of resources for learning about application security

Stars: ✭ 4,761 (+4040%)

Mutual labels: owasp, application-security

JWTweak

Detects the algorithm of input JWT Token and provide options to generate the new JWT token based on the user selected algorithm.

Stars: ✭ 85 (-26.09%)

Mutual labels: application-security, appsec

juice-shop-ctf

Capture-the-Flag (CTF) environment setup tools for OWASP Juice Shop supporting CTFd, FBCTF and RootTheBox

Stars: ✭ 287 (+149.57%)

Mutual labels: owasp, application-security

Dependency Track

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Stars: ✭ 718 (+524.35%)

Mutual labels: owasp, appsec

Owasp Vwad

The OWASP Vulnerable Web Applications Directory project (VWAD) is a comprehensive and well maintained registry of all known vulnerable web applications currently available.

Stars: ✭ 487 (+323.48%)

Mutual labels: owasp, appsec

Bulwark

An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.

Stars: ✭ 113 (-1.74%)

Mutual labels: appsec, application-security

Zaproxy

The OWASP ZAP core project

Stars: ✭ 9,078 (+7793.91%)

Mutual labels: owasp, appsec

dependency-check-plugin

Jenkins plugin for OWASP Dependency-Check. Inspects project components for known vulnerabilities (e.g. CVEs).

Stars: ✭ 107 (-6.96%)

Mutual labels: owasp, appsec

View All Similar Projects ➔

What is this

OWASP Security RAT (Requirement Automation Tool) is a tool supposed to assist with the problem of addressing security requirements during application development. The typical use case is:

specify parameters of the software artifact you're developing
based on this information, list of common security requirements is generated
go through the list of the requirements and choose how you want to handle the requirements
persist the state in a JIRA ticket (the state gets attached as a YAML file)
create JIRA tickets for particular requirements in a batch mode in developer queues
import the main JIRA ticket into the tool anytime in order to see progress of the particular tickets

Documentation

Please go to https://securityrat.github.io

Online Demo

Check out our brand-new online demo:

url: SecurityRAT

username: demo

password: SecurityRATdemo10!

You can play freely around with the demo version and can modify/add/delete requirements. The demo version will be resetted every 24hour (CEST)

OWASP Website

OWASP SecurityRAT

License

This project is distributed under the Apache license, Version 2.0: http://www.apache.org/licenses/LICENSE-2.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].

Stars: ✭ 115

Visit Git Page 🔗Visit User Page 🔗Visit Issues Page (15) 🔗