OssaOpen-Source Security Architecture | 开源安全架构
Stars: ✭ 796 (+847.62%)
SuperSecure, Unified, Powerful and Extensible Rust Android Analyzer
Stars: ✭ 340 (+304.76%)
Rapidscan🆕 The Multi-Tool Web Vulnerability Scanner.
Stars: ✭ 775 (+822.62%)
TaipanWeb application vulnerability scanner
Stars: ✭ 359 (+327.38%)
PatrowlmanagerPatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform
Stars: ✭ 363 (+332.14%)
Vuln Web AppsA curated list of vulnerable web applications.
Stars: ✭ 128 (+52.38%)
JackhammerJackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.
Stars: ✭ 633 (+653.57%)
VulsAgent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Stars: ✭ 8,844 (+10428.57%)
Vulny Code Static AnalysisPython script to detect vulnerabilities inside PHP source code using static analysis, based on regex
Stars: ✭ 207 (+146.43%)
ThreatplaybookA unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestration
Stars: ✭ 173 (+105.95%)
serverless-snykServerless plugin for securing your dependencies with Snyk
Stars: ✭ 40 (-52.38%)
XvwaXVWA is intentionally designed with many security flaws and enough technical ground to upskill application security knowledge. This whole idea is to evangelize web application security issues. Do let us know your suggestions for improvement or any more vulnerability you would like to see in XVWA future releases.
Stars: ✭ 1,540 (+1733.33%)
CyberQueensCyberQueens lesson materials - learning resources and exercises for aspiring reverse engineers, exploit developers, and hackers 👩💻👨💻
Stars: ✭ 30 (-64.29%)
Web MethodologyMethodology for high-quality web application security testing - https://github.com/tprynn/web-methodology/wiki
Stars: ✭ 142 (+69.05%)
BulwarkAn organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
Stars: ✭ 113 (+34.52%)
vilicusVilicus is an open source tool that orchestrates security scans of container images(docker/oci) and centralizes all results into a database for further analysis and metrics.
Stars: ✭ 82 (-2.38%)
ContentSecurity automation content in SCAP, OSCAL, Bash, Ansible, and other formats
Stars: ✭ 1,219 (+1351.19%)
Androl4bA Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis
Stars: ✭ 908 (+980.95%)
akamai-arl-hackScript to test open Akamai ARL vulnerability.
Stars: ✭ 70 (-16.67%)
juice-shopOWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Stars: ✭ 7,533 (+8867.86%)
inthewilddbHourly updated database of exploit and exploitation reports
Stars: ✭ 127 (+51.19%)
JanusecJanusec Application Gateway, Provides Fast and Secure Application Delivery. JANUSEC应用网关,提供快速、安全的应用交付。
Stars: ✭ 771 (+817.86%)
ninjaberryNinjaberry: Raspberry Pi UI for @bettercap
Stars: ✭ 39 (-53.57%)
WstgThe Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
Stars: ✭ 3,873 (+4510.71%)
JxnetJxnet is a Java library for capturing and sending custom network packet buffers with no copies. Jxnet wraps a native packet capture library (libpcap/winpcap/npcap) via JNI (Java Native Interface).
Stars: ✭ 26 (-69.05%)
Awesome DevsecopsCurating the best DevSecOps resources and tooling.
Stars: ✭ 188 (+123.81%)
PatrowlHearsDataOpen-Source Vulnerability Intelligence Center - Unified source of vulnerability, exploit and threat Intelligence feeds
Stars: ✭ 66 (-21.43%)
EvabsAn open source Android application that is intentionally vulnerable so as to act as a learning platform for Android application security beginners.
Stars: ✭ 173 (+105.95%)
flask-vulnPretty vulnerable flask app..
Stars: ✭ 23 (-72.62%)
scan-actionAnchore container analysis and scan provided as a GitHub Action
Stars: ✭ 140 (+66.67%)
SecurityratOWASP SecurityRAT (version 1.x) - Tool for handling security requirements in development
Stars: ✭ 115 (+36.9%)
snyk-maven-pluginTest and monitor your projects for vulnerabilities with Maven. This plugin is officially maintained by Snyk.
Stars: ✭ 64 (-23.81%)
Mssqli DuetSQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing
Stars: ✭ 82 (-2.38%)
vimana-frameworkVimana is an experimental security framework that aims to provide resources for auditing Python web applications.
Stars: ✭ 47 (-44.05%)
VyapiVyAPI - A cloud based vulnerable hybrid Android App
Stars: ✭ 75 (-10.71%)
kdtCLI to interact with Kondukto
Stars: ✭ 18 (-78.57%)
NetworkAlarmA tool to monitor local network traffic for possible security vulnerabilities. Warns user against possible nmap scans, Nikto scans, credentials sent in-the-clear, and shellshock attacks. Currently supports live monitoring and network capture (pcap) scanning.
Stars: ✭ 17 (-79.76%)
dcweb三方依赖库扫描系统
Stars: ✭ 75 (-10.71%)
dirbpyThis is the new version of dirb in python
Stars: ✭ 36 (-57.14%)
Juice ShopOWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Stars: ✭ 6,270 (+7364.29%)
Awesome AppsecA curated list of resources for learning about application security
Stars: ✭ 4,761 (+5567.86%)
cwe-toolA command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.
Stars: ✭ 40 (-52.38%)
polscanZero-setup SSH-based scanner with extensive visualizations for Debian server inventory, policy compliance and vulnerabilities
Stars: ✭ 57 (-32.14%)
AirshipSecure Content Management for the Modern Web - "The sky is only the beginning"
Stars: ✭ 422 (+402.38%)
PyParser-CVEMulti source CVE/exploit parser.
Stars: ✭ 25 (-70.24%)
yavdbYet Another Vulnerability Database
Stars: ✭ 14 (-83.33%)
Awesome Nginx Security🔥 A curated list of awesome links related to application security related to the environments with NGINX or Kubernetes Ingres Controller (based on NGINX)
Stars: ✭ 417 (+396.43%)
Grab N RunGrab’n Run, a simple and effective Java Library for Android projects to secure dynamic code loading.
Stars: ✭ 413 (+391.67%)
pythxA Python library for the MythX smart contract security analysis platform
Stars: ✭ 30 (-64.29%)
AutorizeAutomatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests
Stars: ✭ 406 (+383.33%)
Bugs-feedBug's feed is a local hosted portal where you can search for the latest news, videos, CVEs, vulnerabilities...
Stars: ✭ 90 (+7.14%)
Zxhookdetection【iOS应用安全、安全攻防】hook及越狱的基本防护与检测(动态库注入检测、hook检测与防护、越狱检测、签名校验、IDA反编译分析加密协议Demo);【数据传输安全】浅谈http、https与数据加密
Stars: ✭ 241 (+186.9%)
WatchdogWatchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.
Stars: ✭ 345 (+310.71%)
CheatsheetseriesThe OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
Stars: ✭ 19,302 (+22878.57%)