368 Open source projects that are alternatives of or similar to appsec_awareness_training

Additional Resources For Securing The Stack Tutorials

The OWASP ZAP core project

vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

OWASP SecurityRAT (version 1.x) - Tool for handling security requirements in development

Integrates OWASP Zed Attack Proxy reports into SonarQube

The OWASP ZAP Heads Up Display (HUD)

OWASP Zed Attack Proxy project landing page.

OWASP Community Pages are a place where OWASP can accept community contributions for security-related content.

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

Some good resources for getting started with application security

The OWASP Vulnerable Web Applications Directory project (VWAD) is a comprehensive and well maintained registry of all known vulnerable web applications currently available.

The OWASP Vulnerable Web Applications Directory (VWAD) Project - OWASP Web Site

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

Integrates Dependency-Check reports into SonarQube

OWASP ZAP Add-ons

OWASP Code Review Guide Web Repository

Next generation web scanner

SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈

Documentation for Essential Node.js Security

Jenkins plugin for OWASP Dependency-Check. Inspects project components for known vulnerabilities (e.g. CVEs).

A simple PHP application to learn SQL Injection detection and exploitation techniques.

👻 python-training

A place for documenting threats and mitigations related to containers orchestrators (Kubernetes, Swarm etc)

Management materials and content

Web Browser Hooking Framework. Manage, execute and assess web browser vulnerabilities

A Tool for Domain Flyovers

Reference documentation for the Zwift workout file format

Software Bill of Material (SBOM) standard designed for use in application security contexts and supply chain component analysis

Ansible Role to Automate CIS v1.1.0 Ubuntu Linux 18.04 LTS, 20.04 LTS Remediation

Public site

Mobius is an AI infra platform including realtime computing and training.

Central place for the engineering/scaling WG: documentation, SLURM scripts and logs, compute environment and data.

ColdBox 120: From Zero to Hero Training

C++ Course Taught at CERN, from Sebastien Ponce (LHCb)

Presentation and exercises for the Software Sustainability Institute Research Data Visualisation Workshop (RDVW)

Creates CycloneDX Software Bill of Materials (SBOM) from Python projects and environments.

Owasp Zap chart for Kubernetes

前端新人培训

Framework for Testing WAFs (FTW!)

Capture-the-Flag (CTF) environment setup tools for OWASP Juice Shop supporting CTFd, FBCTF and RootTheBox

Apache training

SuperHeroes kata for Jetpack Developers in Kotlin

Create CycloneDX Software Bill of Materials (SBOM) from PHP Composer projects

Skoleni Gitlab CI (CI/CD)

Maxibon kata for Kotlin Developers. The main goal is to practice property based testing.

CARTO training materials

Detects the algorithm of input JWT Token and provide options to generate the new JWT token based on the user selected algorithm.

Creates CycloneDX Software Bill of Materials (SBOM) from Go modules

Screenshot Kata for iOS Developers. The main goal is to practice UI Testing

Dataset and Code for the paper "DepthTrack: Unveiling the Power of RGBD Tracking" (ICCV2021), and "Depth-only Object Tracking" (BMVC2021)

No description or website provided.

Nmap and NSE command line wrapper in the style of Metasploit

求职信息 组队刷题 经验交流

p2p peer-to-peer training of tensorflow models

Dart (and Flutter) library for the Traindown Markup Language. This is the reference implementation for now. It is first to receive features and fixes.

GitHub Action to set up Fortify ScanCentral Client

Vendor-Neutral Security Tool Automation Controller (over REST)

A Deliberately Insecure Web Application