OpendoorOWASP WEB Directory Scanner
Stars: ✭ 586 (+1365%)
bWAPPbWAPP latest modified for PHP7
Stars: ✭ 30 (-25%)
Iotgoat IoTGoat is a deliberately insecure firmware created to educate software developers and security professionals with testing commonly found vulnerabilities in IoT devices.
Stars: ✭ 275 (+587.5%)
nodejssecurityDocumentation for Essential Node.js Security
Stars: ✭ 64 (+60%)
FdsploitFile Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
Stars: ✭ 199 (+397.5%)
cyclonedx-gomodCreates CycloneDX Software Bill of Materials (SBOM) from Go modules
Stars: ✭ 27 (-32.5%)
Owasp SeraphimdroidOWASP Seraphimdroid is an open source project with aim to create, as a community, an open platform for education and protection of Android users against privacy and security threats.
Stars: ✭ 62 (+55%)
specificationSoftware Bill of Material (SBOM) standard designed for use in application security contexts and supply chain component analysis
Stars: ✭ 129 (+222.5%)
AstraAutomated Security Testing For REST API's
Stars: ✭ 1,898 (+4645%)
dependency-check-py🔐 Shim to easily install OWASP dependency-check-cli into Python projects
Stars: ✭ 44 (+10%)
BreachdetectorDetect root, emulation, debug mode and other security concerns in your Xamarin apps
Stars: ✭ 57 (+42.5%)
InsiderStatic Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).
Stars: ✭ 216 (+440%)
Awesome Hacking ResourcesA collection of hacking / penetration testing resources to make you better!
Stars: ✭ 11,466 (+28565%)
www-project-web-security-testing-guideThe Web Security Testing Guide (WSTG) Project produces the premier cybersecurity testing resource for web application developers and security professionals.
Stars: ✭ 260 (+550%)
cyclonedx-maven-pluginCreates CycloneDX Software Bill of Materials (SBOM) from Maven projects
Stars: ✭ 103 (+157.5%)
containers-security-projectA place for documenting threats and mitigations related to containers orchestrators (Kubernetes, Swarm etc)
Stars: ✭ 25 (-37.5%)
AmassIn-depth Attack Surface Mapping and Asset Discovery
Stars: ✭ 1,693 (+4132.5%)
cyclonedx-pythonCreates CycloneDX Software Bill of Materials (SBOM) from Python projects and environments.
Stars: ✭ 78 (+95%)
NettackerAutomated Penetration Testing Framework
Stars: ✭ 982 (+2355%)
cyclonedx-php-composerCreate CycloneDX Software Bill of Materials (SBOM) from PHP Composer projects
Stars: ✭ 20 (-50%)
ApicheckThe DevSecOps toolset for REST APIs
Stars: ✭ 184 (+360%)
Owasp OrizonOwasp Orizon is a source code static analyzer tool designed to spot security issues in Java applications.
Stars: ✭ 130 (+225%)
cve-2016-1764Extraction of iMessage Data via XSS
Stars: ✭ 52 (+30%)
ptpPentester's Tools Parser (PTP) provides an unified way to retrieve the information from all (final goal) automated pentesting tools and assign an automated ranking for each finding.
Stars: ✭ 28 (-30%)
JoomscanOWASP Joomla Vulnerability Scanner Project
Stars: ✭ 640 (+1500%)
aws-firewall-factoryDeploy, update, and stage your WAFs while managing them centrally via FMS.
Stars: ✭ 72 (+80%)
ZscOWASP ZSC - Shellcode/Obfuscate Code Generator
Stars: ✭ 536 (+1240%)
coraza-caddyOWASP Coraza middleware for Caddy. It provides Web Application Firewall capabilities
Stars: ✭ 75 (+87.5%)
assimilation-officialThis is the official main repository for the Assimilation project
Stars: ✭ 47 (+17.5%)
AmassIn-depth Attack Surface Mapping and Asset Discovery
Stars: ✭ 6,284 (+15610%)
www-project-csrfguardThe aim of this project is to protect Java applications against CSRF attacks with the use of Synchronizer Tokens
Stars: ✭ 43 (+7.5%)
Csrf Protector PhpCSRF Protector library: standalone library for CSRF mitigation
Stars: ✭ 178 (+345%)
wafbypasserNo description or website provided.
Stars: ✭ 73 (+82.5%)
AthenaTest your Security Skills, and Clean Code Development as a Pythonist, Hacker & Warrior 🥷🏻
Stars: ✭ 43 (+7.5%)
SecurityratOWASP SecurityRAT (version 1.x) - Tool for handling security requirements in development
Stars: ✭ 115 (+187.5%)
Owasp VwadThe OWASP Vulnerable Web Applications Directory project (VWAD) is a comprehensive and well maintained registry of all known vulnerable web applications currently available.
Stars: ✭ 487 (+1117.5%)
www-project-zapOWASP Zed Attack Proxy project landing page.
Stars: ✭ 52 (+30%)
WstgThe Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
Stars: ✭ 3,873 (+9582.5%)
Zap CliA simple tool for interacting with OWASP ZAP from the commandline.
Stars: ✭ 166 (+315%)
Pwning Juice ShopGitBook markdown content for the eBook "Pwning OWASP Juice Shop"
Stars: ✭ 110 (+175%)
waf-brainMachine Learning WAF Based
Stars: ✭ 74 (+85%)
raiderOWASP Raider: a novel framework for manipulating the HTTP processes of persistent sessions
Stars: ✭ 88 (+120%)
Awesome AppsecA curated list of resources for learning about application security
Stars: ✭ 4,761 (+11802.5%)
zap-sonar-pluginIntegrates OWASP Zed Attack Proxy reports into SonarQube
Stars: ✭ 66 (+65%)
OwtfOffensive Web Testing Framework (OWTF), is a framework which tries to unite great tools and make pen testing more efficient http://owtf.org https://twitter.com/owtfp
Stars: ✭ 1,516 (+3690%)
Juice ShopOWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Stars: ✭ 6,270 (+15575%)
juice-shopOWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Stars: ✭ 7,533 (+18732.5%)
tutorialsAdditional Resources For Securing The Stack Tutorials
Stars: ✭ 36 (-10%)
DvnaDamn Vulnerable NodeJS Application
Stars: ✭ 463 (+1057.5%)