Securityrat: OWASP SecurityRAT (version 1.x) - Tool for handling security requirements in development
Stars: ✭ 115 (-97.58%)
Juice Shop: OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Stars: ✭ 6,270 (+31.7%)
Wstg: The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
Stars: ✭ 3,873 (-18.65%)
juice-shop-ctf: Capture-the-Flag (CTF) environment setup tools for OWASP Juice Shop supporting CTFd, FBCTF and RootTheBox
Stars: ✭ 287 (-93.97%)
Cheatsheetseries: The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
Stars: ✭ 19,302 (+305.42%)
juice-shop: OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Stars: ✭ 7,533 (+58.22%)
Whatweb: Next generation web scanner
Stars: ✭ 3,503 (-26.42%)
Juice Shop Ctf: Capture-the-Flag (CTF) environment setup tools for OWASP Juice Shop
Stars: ✭ 238 (-95%)
auth analyzer: Burp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.
Stars: ✭ 77 (-98.38%)
Vbscan: OWASP VBScan is a Black Box vBulletin Vulnerability Scanner
Stars: ✭ 295 (-93.8%)
awesome-indie-android-apps: A curated list & timeline of awesome Android apps by indie developers / solopreneurs
Stars: ✭ 34 (-99.29%)
JWTweak: Detects the algorithm of an input JWT token and provides options to generate a new JWT token based on the user-selected algorithm.
Stars: ✭ 85 (-98.21%)
specification: Software Bill of Material (SBOM) standard designed for use in application security contexts and supply chain component analysis
Stars: ✭ 129 (-97.29%)
Www Community: OWASP Community Pages are a place where OWASP can accept community contributions for security-related content.
Stars: ✭ 409 (-91.41%)
dependency-check-py: 🔐 Shim to easily install OWASP dependency-check-cli into Python projects
Stars: ✭ 44 (-99.08%)
dependency-track-maven-plugin: Maven plugin that integrates with a Dependency Track server to submit dependency manifests and optionally fail execution when vulnerable dependencies are found.
Stars: ✭ 28 (-99.41%)
owtf-docker: Docker repository for OWTF (64-bit Kali)
Stars: ✭ 32 (-99.33%)
Maryam: Maryam: Open-source Intelligence (OSINT) Framework
Stars: ✭ 371 (-92.21%)
Securecodebox: secureCodeBox (SCB) - continuous secure delivery out of the box
Stars: ✭ 279 (-94.14%)
my-bookshelf: Collection of books/papers that I've read/I'm going to read/I would remember that they exist/It is unlikely that I'll read/I'll never read.
Stars: ✭ 49 (-98.97%)
cyclonedx-maven-plugin: Creates CycloneDX Software Bill of Materials (SBOM) from Maven projects
Stars: ✭ 103 (-97.84%)
sqlinjection-training-app: A simple PHP application to learn SQL Injection detection and exploitation techniques.
Stars: ✭ 56 (-98.82%)
reading-list: A Chrome/Firefox extension for saving pages to read later.
Stars: ✭ 74 (-98.45%)
cyclonedx-gomod: Creates CycloneDX Software Bill of Materials (SBOM) from Go modules
Stars: ✭ 27 (-99.43%)
Glue: Application Security Automation
Stars: ✭ 412 (-91.35%)
My Mac Os: List of applications and tools that make my macOS experience even more amazing
Stars: ✭ 18,331 (+285.02%)
Airship: Secure Content Management for the Modern Web - "The sky is only the beginning"
Stars: ✭ 422 (-91.14%)
CIS-Ubuntu-20.04-Ansible: Ansible Role to Automate CIS v1.1.0 Ubuntu Linux 18.04 LTS, 20.04 LTS Remediation
Stars: ✭ 150 (-96.85%)
Autorize: Automatic authorization enforcement detection extension for Burp Suite, written in Jython and developed by Barak Tawily to ease the work of application security people and allow them to perform automatic authorization tests
Stars: ✭ 406 (-91.47%)
Tg Reading List: A text generation reading list maintained by Tsinghua Natural Language Processing Group.
Stars: ✭ 352 (-92.61%)
Application Security Engineer Interview Questions: Some of the questions which I was asked when I was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but I felt these questions were important to be asked and some were challenging to answer
Stars: ✭ 267 (-94.39%)
analytics reading list: a collection of books, articles, and tutorials to learn and apply analytics
Stars: ✭ 16 (-99.66%)
Cdk Constructs: A collection of higher-level aws cdk constructs: slack-approval-workflow, #slack & msteams notifications, chatops, blue-green-container-deployment, codecommit-backup, OWASP dependency-check, contentful-webhook, github-webhook, stripe-webhook, static-website, pull-request-check, pull-request-approval-rule, codepipeline-merge-action, codepipeline-check-parameter-action...
Stars: ✭ 282 (-94.08%)
blockchain-reading-list: A reading list on blockchain and related technologies, targeted at technical people who want a deep understanding of those topics.
Stars: ✭ 93 (-98.05%)
awesome-multimodal-ml: Reading list for research topics in multimodal machine learning
Stars: ✭ 3,125 (-34.36%)
Iotgoat: IoTGoat is a deliberately insecure firmware created to educate software developers and security professionals in testing commonly found vulnerabilities in IoT devices.
Stars: ✭ 275 (-94.22%)
poc-jwt: POC about usage of JSON Web Tokens (JWT) in a secure way.
Stars: ✭ 18 (-99.62%)
Taipan: Web application vulnerability scanner
Stars: ✭ 359 (-92.46%)
containers-security-project: A place for documenting threats and mitigations related to container orchestrators (Kubernetes, Swarm etc)
Stars: ✭ 25 (-99.47%)
cyclonedx-python: Creates CycloneDX Software Bill of Materials (SBOM) from Python projects and environments.
Stars: ✭ 78 (-98.36%)
Awesome Nginx Security: 🔥 A curated list of awesome links related to application security in environments with NGINX or Kubernetes Ingress Controller (based on NGINX)
Stars: ✭ 417 (-91.24%)
ftw: Framework for Testing WAFs (FTW!)
Stars: ✭ 106 (-97.77%)
Dvws: OWASP Damn Vulnerable Web Sockets (DVWS) is a vulnerable web application which works on web sockets for client-server communication.
Stars: ✭ 267 (-94.39%)
cyclonedx-php-composer: Create CycloneDX Software Bill of Materials (SBOM) from PHP Composer projects
Stars: ✭ 20 (-99.58%)
Damn-Vulnerable-Bank: Damn Vulnerable Bank is designed to be an intentionally vulnerable Android application. This provides an interface to assess your Android application security hacking skills.
Stars: ✭ 379 (-92.04%)
Watchdog: Watchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.
Stars: ✭ 345 (-92.75%)
vapi: vAPI is Vulnerable Adversely Programmed Interface, a self-hostable API that mimics OWASP API Top 10 scenarios through exercises.
Stars: ✭ 674 (-85.84%)
cwe-sdk-javascript: A Common Weakness Enumeration (CWE) Node.js SDK compliant with MITRE / CAPEC
Stars: ✭ 18 (-99.62%)