SecurityRAT / Securityrat
Licence: other
OWASP SecurityRAT (version 1.x) - Tool for handling security requirements in development
Stars: ✭ 115
Programming Languages
javascript
184084 projects - #8 most used programming language
Projects that are alternatives of or similar to Securityrat
Whatweb
Next generation web scanner
Stars: ✭ 3,503 (+2946.09%)
Mutual labels: owasp, appsec, application-security
Wstg
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
Stars: ✭ 3,873 (+3267.83%)
Mutual labels: owasp, appsec, application-security
Cheatsheetseries
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
Stars: ✭ 19,302 (+16684.35%)
Mutual labels: owasp, appsec, application-security
juice-shop
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Stars: ✭ 7,533 (+6450.43%)
Mutual labels: owasp, application-security, appsec
Juice Shop
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Stars: ✭ 6,270 (+5352.17%)
Mutual labels: owasp, appsec, application-security
Resources-for-Application-Security
Some good resources for getting started with application security
Stars: ✭ 97 (-15.65%)
Mutual labels: owasp, application-security, appsec
appsec awareness training
Application Security Awareness Training
Stars: ✭ 17 (-85.22%)
Mutual labels: owasp, appsec
gha-setup-scancentral-client
GitHub Action to set up Fortify ScanCentral Client
Stars: ✭ 15 (-86.96%)
Mutual labels: application-security, appsec
Application Security Engineer Interview Questions
Some of the questions which I was asked when I was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but I felt these questions were important to be asked and some were challenging to answer
Stars: ✭ 267 (+132.17%)
Mutual labels: appsec, application-security
Www Community
OWASP Community Pages are a place where OWASP can accept community contributions for security-related content.
Stars: ✭ 409 (+255.65%)
Mutual labels: owasp, appsec
sqlinjection-training-app
A simple PHP application to learn SQL Injection detection and exploitation techniques.
Stars: ✭ 56 (-51.3%)
Mutual labels: application-security, appsec
Dependency Check Sonar Plugin
Integrates Dependency-Check reports into SonarQube
Stars: ✭ 332 (+188.7%)
Mutual labels: owasp, appsec
Awesome Appsec
A curated list of resources for learning about application security
Stars: ✭ 4,761 (+4040%)
Mutual labels: owasp, application-security
JWTweak
Detects the algorithm of the input JWT token and provides options to generate a new JWT token based on the user-selected algorithm.
Stars: ✭ 85 (-26.09%)
Mutual labels: application-security, appsec
juice-shop-ctf
Capture-the-Flag (CTF) environment setup tools for OWASP Juice Shop supporting CTFd, FBCTF and RootTheBox
Stars: ✭ 287 (+149.57%)
Mutual labels: owasp, application-security
Dependency Track
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
Stars: ✭ 718 (+524.35%)
Mutual labels: owasp, appsec
Owasp Vwad
The OWASP Vulnerable Web Applications Directory project (VWAD) is a comprehensive and well maintained registry of all known vulnerable web applications currently available.
Stars: ✭ 487 (+323.48%)
Mutual labels: owasp, appsec
Bulwark
An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
Stars: ✭ 113 (-1.74%)
Mutual labels: appsec, application-security
dependency-check-plugin
Jenkins plugin for OWASP Dependency-Check. Inspects project components for known vulnerabilities (e.g. CVEs).
Stars: ✭ 107 (-6.96%)
Mutual labels: owasp, appsec
What is this
OWASP Security RAT (Requirement Automation Tool) is a tool that helps address security requirements during application development. The typical use case is:
- specify parameters of the software artifact you're developing
- based on this information, a list of common security requirements is generated
- go through the list of the requirements and choose how you want to handle the requirements
- persist the state in a JIRA ticket (the state gets attached as a YAML file)
- create JIRA tickets for particular requirements in a batch mode in developer queues
- import the main JIRA ticket into the tool anytime in order to see progress of the particular tickets
Documentation
Please go to https://securityrat.github.io
Online Demo
Check out our brand-new online demo:
url: SecurityRAT
username: demo
password: SecurityRATdemo10!
You can play around freely with the demo version and modify, add, or delete requirements. The demo version is reset every 24 hours (CEST).
OWASP Website
License
This project is distributed under the Apache license, Version 2.0: http://www.apache.org/licenses/LICENSE-2.