dependency-check-pluginJenkins plugin for OWASP Dependency-Check. Inspects project components for known vulnerabilities (e.g. CVEs).
Stars: ✭ 107 (-67.77%)
zap-sonar-pluginIntegrates OWASP Zed Attack Proxy reports into SonarQube
Stars: ✭ 66 (-80.12%)
Dependency TrackDependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
Stars: ✭ 718 (+116.27%)
Sbt Dependency CheckSBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈
Stars: ✭ 187 (-43.67%)
RailsgoatA vulnerable version of Rails that follows the OWASP Top 10
Stars: ✭ 699 (+110.54%)
DvwsOWSAP Damn Vulnerable Web Sockets (DVWS) is a vulnerable web application which works on web sockets for client-server communication.
Stars: ✭ 267 (-19.58%)
WhatwebNext generation web scanner
Stars: ✭ 3,503 (+955.12%)
Www CommunityOWASP Community Pages are a place where OWASP can accept community contributions for security-related content.
Stars: ✭ 409 (+23.19%)
tutorialsAdditional Resources For Securing The Stack Tutorials
Stars: ✭ 36 (-89.16%)
juice-shopOWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Stars: ✭ 7,533 (+2168.98%)
CheatsheetseriesThe OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
Stars: ✭ 19,302 (+5713.86%)
Zap HudThe OWASP ZAP Heads Up Display (HUD)
Stars: ✭ 201 (-39.46%)
SecurityratOWASP SecurityRAT (version 1.x) - Tool for handling security requirements in development
Stars: ✭ 115 (-65.36%)
cwe-toolA command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.
Stars: ✭ 40 (-87.95%)
Juice ShopOWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Stars: ✭ 6,270 (+1788.55%)
Owasp VwadThe OWASP Vulnerable Web Applications Directory project (VWAD) is a comprehensive and well maintained registry of all known vulnerable web applications currently available.
Stars: ✭ 487 (+46.69%)
ZaproxyThe OWASP ZAP core project
Stars: ✭ 9,078 (+2634.34%)
Hacker ezinesA collection of electronic hacker magazines carefully curated over the years from multiple sources
Stars: ✭ 72 (-78.31%)
WstgThe Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
Stars: ✭ 3,873 (+1066.57%)
www-project-zapOWASP Zed Attack Proxy project landing page.
Stars: ✭ 52 (-84.34%)
nodejssecurityDocumentation for Essential Node.js Security
Stars: ✭ 64 (-80.72%)
cwe-sdk-javascriptA Common Weakness Enumeration (CWE) Node.js SDK compliant with MITRE / CAPEC
Stars: ✭ 18 (-94.58%)
vapivAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.
Stars: ✭ 674 (+103.01%)
Android-CICDThis repo demonstrates how to work on CI/CD for Mobile Apps 📱 using Github Actions 💊 + Firebase Distribution 🎉
Stars: ✭ 37 (-88.86%)
Application Security Engineer Interview QuestionsSome of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer
Stars: ✭ 267 (-19.58%)
qctf-school-2018QCTF School 2018. Developed with ♥ by Hackerdom team
Stars: ✭ 13 (-96.08%)
specificationSoftware Bill of Material (SBOM) standard designed for use in application security contexts and supply chain component analysis
Stars: ✭ 129 (-61.14%)
tyrionNo description or website provided.
Stars: ✭ 83 (-75%)
Kube HunterHunt for security weaknesses in Kubernetes clusters
Stars: ✭ 3,399 (+923.8%)
HorusecHorusec is an open source tool that improves identification of vulnerabilities in your project with just one command.
Stars: ✭ 311 (-6.33%)
vulnerabilitiesList of every possible vulnerabilities in computer security.
Stars: ✭ 14 (-95.78%)
sonar-esql-pluginSonar plugin to analyze ESQL-sourcecode of IBM Integration Bus projects
Stars: ✭ 26 (-92.17%)
phdctf-2017PHDays Online CTF 2017. Developed with ♥ by Hackerdom team
Stars: ✭ 22 (-93.37%)
juice-shop-ctfCapture-the-Flag (CTF) environment setup tools for OWASP Juice Shop supporting CTFd, FBCTF and RootTheBox
Stars: ✭ 287 (-13.55%)
template-injection-workshopWorkshop on Template Injection (6 exercises) covering Twig, Jinja2, Tornado, Velocity and Freemaker engines.
Stars: ✭ 99 (-70.18%)
dependency-check-py🔐 Shim to easily install OWASP dependency-check-cli into Python projects
Stars: ✭ 44 (-86.75%)
SnykSnyk CLI scans and monitors your projects for security vulnerabilities.
Stars: ✭ 3,643 (+997.29%)
OpenVAS-DockerA Docker Image For the Open Vulnerability Assessment Scanner (OpenVAS)
Stars: ✭ 16 (-95.18%)
dependency-track-maven-pluginMaven plugin that integrates with a Dependency Track server to submit dependency manifests and optionally fail execution when vulnerable dependencies are found.
Stars: ✭ 28 (-91.57%)
penetration testing🎩 [penetration testing Book], Kali Magic, Cryptography, Hash Crack, Botnet, Rootkit, Malware, Spyware, Python, Go, C|EH.
Stars: ✭ 57 (-82.83%)
owtf-dockerDocker repository for OWTF (64-bit Kali)
Stars: ✭ 32 (-90.36%)
aquatoneA Tool for Domain Flyovers
Stars: ✭ 43 (-87.05%)
Awesome Threat ModellingA curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for learning Threat modeling and initial phases of security review.
Stars: ✭ 319 (-3.92%)
Vulapps快速搭建各种漏洞环境(Various vulnerability environment)
Stars: ✭ 3,353 (+909.94%)
Cdk ConstructsA collection of higher-level aws cdk constructs: slack-approval-workflow, #slack & msteams notifications, chatops, blue-green-container-deployment, codecommit-backup, OWASP dependency-check, contentful-webhook, github-webhook, stripe-webhook, static-website, pull-request-check, pull-request-approval-rule, codepipeline-merge-action, codepipeline-check-parameter-action...
Stars: ✭ 282 (-15.06%)
JWTweakDetects the algorithm of input JWT Token and provide options to generate the new JWT token based on the user selected algorithm.
Stars: ✭ 85 (-74.4%)
WriteupsThis repository contains writeups for various CTFs I've participated in (Including Hack The Box).
Stars: ✭ 61 (-81.63%)
AutoVASAutoVAS is an automated vulnerability analysis system with a deep learning approach.
Stars: ✭ 21 (-93.67%)