OwtfOffensive Web Testing Framework (OWTF), is a framework which tries to unite great tools and make pen testing more efficient http://owtf.org https://twitter.com/owtfp
Stars: ✭ 1,516 (+2469.49%)
Owasp OrizonOwasp Orizon is a source code static analyzer tool designed to spot security issues in Java applications.
Stars: ✭ 130 (+120.34%)
BreachdetectorDetect root, emulation, debug mode and other security concerns in your Xamarin apps
Stars: ✭ 57 (-3.39%)
Hacker ezinesA collection of electronic hacker magazines carefully curated over the years from multiple sources
Stars: ✭ 72 (+22.03%)
AstraAutomated Security Testing For REST API's
Stars: ✭ 1,898 (+3116.95%)
NettackerAutomated Penetration Testing Framework
Stars: ✭ 982 (+1564.41%)
ApicheckThe DevSecOps toolset for REST APIs
Stars: ✭ 184 (+211.86%)
SecurityratOWASP SecurityRAT (version 1.x) - Tool for handling security requirements in development
Stars: ✭ 115 (+94.92%)
AmassIn-depth Attack Surface Mapping and Asset Discovery
Stars: ✭ 6,284 (+10550.85%)
Owasp VwadThe OWASP Vulnerable Web Applications Directory project (VWAD) is a comprehensive and well maintained registry of all known vulnerable web applications currently available.
Stars: ✭ 487 (+725.42%)
ThemisEasy to use cryptographic framework for data protection: secure messaging with forward secrecy and secure data storage. Has unified APIs across 14 platforms.
Stars: ✭ 1,232 (+1988.14%)
PhpvulnAudit tool to find common vulnerabilities in PHP source code
Stars: ✭ 146 (+147.46%)
Owasp SeraphimdroidOWASP Seraphimdroid is an open source project with aim to create, as a community, an open platform for education and protection of Android users against privacy and security threats.
Stars: ✭ 62 (+5.08%)
FdsploitFile Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
Stars: ✭ 199 (+237.29%)
AmassIn-depth Attack Surface Mapping and Asset Discovery
Stars: ✭ 1,693 (+2769.49%)
InsiderStatic Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).
Stars: ✭ 216 (+266.1%)
JoomscanOWASP Joomla Vulnerability Scanner Project
Stars: ✭ 640 (+984.75%)
Find Sec BugsThe SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)
Stars: ✭ 1,748 (+2862.71%)
Csrf Protector PhpCSRF Protector library: standalone library for CSRF mitigation
Stars: ✭ 178 (+201.69%)
Juice ShopOWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Stars: ✭ 6,270 (+10527.12%)
Awesome AppsecA curated list of resources for learning about application security
Stars: ✭ 4,761 (+7969.49%)
DvnaDamn Vulnerable NodeJS Application
Stars: ✭ 463 (+684.75%)
AsvsA simple web app that helps developers understand the ASVS requirements.
Stars: ✭ 80 (+35.59%)
Bluemondaybluemonday: a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS
Stars: ✭ 2,135 (+3518.64%)
Mobile Security Framework MobsfMobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
Stars: ✭ 10,212 (+17208.47%)
Zap HudThe OWASP ZAP Heads Up Display (HUD)
Stars: ✭ 201 (+240.68%)
ZaproxyThe OWASP ZAP core project
Stars: ✭ 9,078 (+15286.44%)
Owasp Cloud SecurityOWASP Cloud Security - Enabling conversations through threat and control stories
Stars: ✭ 148 (+150.85%)
Juice Shop CtfCapture-the-Flag (CTF) environment setup tools for OWASP Juice Shop
Stars: ✭ 238 (+303.39%)
Threat DragonAn open source, online threat modelling tool from OWASP
Stars: ✭ 57 (-3.39%)
Owaspheaders.coreA .NET Core middleware for injecting the Owasp recommended HTTP Headers for increased security
Stars: ✭ 138 (+133.9%)
Express Securitynodejs + express security and performance boilerplate.
Stars: ✭ 37 (-37.29%)
Sbt Dependency CheckSBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈
Stars: ✭ 187 (+216.95%)
BlackwidowA Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
Stars: ✭ 887 (+1403.39%)
Go AgentSqreen's Application Security Management for the Go language
Stars: ✭ 134 (+127.12%)
cwe-toolA command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.
Stars: ✭ 40 (-32.2%)
Dependency TrackDependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
Stars: ✭ 718 (+1116.95%)
Django DefectdojoDefectDojo is an open-source application vulnerability correlation and security orchestration tool.
Stars: ✭ 1,926 (+3164.41%)
OpendoorOWASP WEB Directory Scanner
Stars: ✭ 586 (+893.22%)
Securetea ProjectThe OWASP SecureTea Project provides a one-stop security solution for various devices (personal computers / servers / IoT devices)
Stars: ✭ 181 (+206.78%)
Security Code ScanVulnerability Patterns Detector for C# and VB.NET
Stars: ✭ 550 (+832.2%)
Awesome Hacking ResourcesA collection of hacking / penetration testing resources to make you better!
Stars: ✭ 11,466 (+19333.9%)
ZscOWASP ZSC - Shellcode/Obfuscate Code Generator
Stars: ✭ 536 (+808.47%)
SecurecodingdojoThe Secure Coding Dojo is a platform for delivering secure coding training.
Stars: ✭ 216 (+266.1%)
Pwning Juice ShopGitBook markdown content for the eBook "Pwning OWASP Juice Shop"
Stars: ✭ 110 (+86.44%)
Zap CliA simple tool for interacting with OWASP ZAP from the commandline.
Stars: ✭ 166 (+181.36%)
GlueApplication Security Automation
Stars: ✭ 412 (+598.31%)
EAD AttackEAD: Elastic-Net Attacks to Deep Neural Networks via Adversarial Examples
Stars: ✭ 34 (-42.37%)
alldaydevops-aismAll Day DevOps - Automated Infrastructure Security Monitoring and Defence (ELK + AWS Lambda)
Stars: ✭ 21 (-64.41%)
WstgThe Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
Stars: ✭ 3,873 (+6464.41%)
Python HoneypotOWASP Honeypot, Automated Deception Framework.
Stars: ✭ 160 (+171.19%)