286 Open source projects that are alternatives of or similar to jawfish

GitHub Action to set up Fortify ScanCentral Client

Jxnet is a Java library for capturing and sending custom network packet buffers with no copies. Jxnet wraps a native packet capture library (libpcap/winpcap/npcap) via JNI (Java Native Interface).

Damn Vulnerable Bank is designed to be an intentionally vulnerable android application. This provides an interface to assess your android application security hacking skills.

Curating the best DevSecOps resources and tooling.

Bucket Flaws ( S3 Bucket Mass Scanner ): A Simple Lightweight Script to Check for Common S3 Bucket Misconfigurations

Open-Source Vulnerability Intelligence Center - Unified source of vulnerability, exploit and threat Intelligence feeds

The Open Security Summit 2020 is focused on the collaboration between, Developers and Application Security

An open source Android application that is intentionally vulnerable so as to act as a learning platform for Android application security beginners.

scanner detecting the use of JavaScript libraries with known vulnerabilities

Pretty vulnerable flask app..

This repo has been migrated to https://github.com/github/security-lab/tree/master/SecurityExploits

A Continuous Threat Modeling methodology

Bugcrowd’s baseline priority ratings for common security vulnerabilities

Anchore container analysis and scan provided as a GitHub Action

OWASP SecurityRAT (version 1.x) - Tool for handling security requirements in development

Too buggy web application

Test and monitor your projects for vulnerabilities with Maven. This plugin is officially maintained by Snyk.

Search Exploitable Software on Linux

SQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing

The Decentralized Application Security Project

Vimana is an experimental security framework that aims to provide resources for auditing Python web applications.

Added Laravel functionality to Enlightn Security Checker. Adds a command to check for, and optionally emails you, vulnerabilities when they affect you.

VyAPI - A cloud based vulnerable hybrid Android App

Repository for information about 0-days exploited in-the-wild.

CLI to interact with Kondukto

SD-WAN security and insecurity

A collection of electronic hacker magazines carefully curated over the years from multiple sources

Centralize Vulnerability Assessment and Management for DevSecOps Team

A tool to monitor local network traffic for possible security vulnerabilities. Warns user against possible nmap scans, Nikto scans, credentials sent in-the-clear, and shellshock attacks. Currently supports live monitoring and network capture (pcap) scanning.

【iOS应用安全、安全攻防】hook及越狱的基本防护与检测(动态库注入检测、hook检测与防护、越狱检测、签名校验、IDA反编译分析加密协议Demo)；【数据传输安全】浅谈http、https与数据加密

Watchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能

Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!

finds publicly known security vulnerabilities in a website's frontend JavaScript libraries

三方依赖库扫描系统

Damn Vulnerable Web Application Docker container

🎯 Command Injection Payload List

This is the new version of dirb in python

Select proof-of-concept exploits for software vulnerabilities to aid in identifying and testing vulnerable systems.

A curated list of resources for learning about application security

S2E: A platform for multi-path program analysis with selective symbolic execution.

A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.

cvebase is a community-driven vulnerability data platform to discover the world's top security researchers and their latest disclosed vulnerabilities & PoCs

Secure Content Management for the Modern Web - "The sky is only the beginning"

Awesome Node.js Security resources

Zero-setup SSH-based scanner with extensive visualizations for Debian server inventory, policy compliance and vulnerabilities

Thoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.

Grab’n Run, a simple and effective Java Library for Android projects to secure dynamic code loading.

Vulnerable Web applications Generator

A Python library for the MythX smart contract security analysis platform

Documentation and Tools for Cisco's PSIRT openVuln API

The Swiss Army knife for automated Web Application Testing

Bug's feed is a local hosted portal where you can search for the latest news, videos, CVEs, vulnerabilities...

Capture-the-Flag (CTF) environment setup tools for OWASP Juice Shop

Next generation web scanner

Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

Some good resources for getting started with application security

essential templates for kenzer

Sandfly Security Agentless Compromise and Intrusion Detection System For Linux