JxnetJxnet is a Java library for capturing and sending custom network packet buffers with no copies. Jxnet wraps a native packet capture library (libpcap/winpcap/npcap) via JNI (Java Native Interface).
Stars: ✭ 26 (-69.05%)
Damn-Vulnerable-BankDamn Vulnerable Bank is designed to be an intentionally vulnerable android application. This provides an interface to assess your android application security hacking skills.
Stars: ✭ 379 (+351.19%)
Awesome DevsecopsCurating the best DevSecOps resources and tooling.
Stars: ✭ 188 (+123.81%)
Bucket-FlawsBucket Flaws ( S3 Bucket Mass Scanner ): A Simple Lightweight Script to Check for Common S3 Bucket Misconfigurations
Stars: ✭ 43 (-48.81%)
PatrowlHearsDataOpen-Source Vulnerability Intelligence Center - Unified source of vulnerability, exploit and threat Intelligence feeds
Stars: ✭ 66 (-21.43%)
oss2020The Open Security Summit 2020 is focused on the collaboration between, Developers and Application Security
Stars: ✭ 26 (-69.05%)
EvabsAn open source Android application that is intentionally vulnerable so as to act as a learning platform for Android application security beginners.
Stars: ✭ 173 (+105.95%)
Retire.jsscanner detecting the use of JavaScript libraries with known vulnerabilities
Stars: ✭ 2,909 (+3363.1%)
flask-vulnPretty vulnerable flask app..
Stars: ✭ 23 (-72.62%)
SecurityexploitsThis repo has been migrated to https://github.com/github/security-lab/tree/master/SecurityExploits
Stars: ✭ 239 (+184.52%)
scan-actionAnchore container analysis and scan provided as a GitHub Action
Stars: ✭ 140 (+66.67%)
SecurityratOWASP SecurityRAT (version 1.x) - Tool for handling security requirements in development
Stars: ✭ 115 (+36.9%)
EasybuggyToo buggy web application
Stars: ✭ 189 (+125%)
snyk-maven-pluginTest and monitor your projects for vulnerabilities with Maven. This plugin is officially maintained by Snyk.
Stars: ✭ 64 (-23.81%)
Mssqli DuetSQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing
Stars: ✭ 82 (-2.38%)
DaspThe Decentralized Application Security Project
Stars: ✭ 166 (+97.62%)
vimana-frameworkVimana is an experimental security framework that aims to provide resources for auditing Python web applications.
Stars: ✭ 47 (-44.05%)
Laravel Security CheckerAdded Laravel functionality to Enlightn Security Checker. Adds a command to check for, and optionally emails you, vulnerabilities when they affect you.
Stars: ✭ 163 (+94.05%)
VyapiVyAPI - A cloud based vulnerable hybrid Android App
Stars: ✭ 75 (-10.71%)
0days In The WildRepository for information about 0-days exploited in-the-wild.
Stars: ✭ 149 (+77.38%)
kdtCLI to interact with Kondukto
Stars: ✭ 18 (-78.57%)
SdwannewhopeSD-WAN security and insecurity
Stars: ✭ 141 (+67.86%)
Hacker ezinesA collection of electronic hacker magazines carefully curated over the years from multiple sources
Stars: ✭ 72 (-14.29%)
ArcherysecCentralize Vulnerability Assessment and Management for DevSecOps Team
Stars: ✭ 1,802 (+2045.24%)
NetworkAlarmA tool to monitor local network traffic for possible security vulnerabilities. Warns user against possible nmap scans, Nikto scans, credentials sent in-the-clear, and shellshock attacks. Currently supports live monitoring and network capture (pcap) scanning.
Stars: ✭ 17 (-79.76%)
Zxhookdetection【iOS应用安全、安全攻防】hook及越狱的基本防护与检测(动态库注入检测、hook检测与防护、越狱检测、签名校验、IDA反编译分析加密协议Demo);【数据传输安全】浅谈http、https与数据加密
Stars: ✭ 241 (+186.9%)
WatchdogWatchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.
Stars: ✭ 345 (+310.71%)
VulmapVulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能
Stars: ✭ 1,079 (+1184.52%)
Is Website Vulnerablefinds publicly known security vulnerabilities in a website's frontend JavaScript libraries
Stars: ✭ 1,724 (+1952.38%)
dcweb三方依赖库扫描系统
Stars: ✭ 75 (-10.71%)
dirbpyThis is the new version of dirb in python
Stars: ✭ 36 (-57.14%)
Poc ExploitsSelect proof-of-concept exploits for software vulnerabilities to aid in identifying and testing vulnerable systems.
Stars: ✭ 111 (+32.14%)
Awesome AppsecA curated list of resources for learning about application security
Stars: ✭ 4,761 (+5567.86%)
S2eS2E: A platform for multi-path program analysis with selective symbolic execution.
Stars: ✭ 102 (+21.43%)
cwe-toolA command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.
Stars: ✭ 40 (-52.38%)
Cvebase.comcvebase is a community-driven vulnerability data platform to discover the world's top security researchers and their latest disclosed vulnerabilities & PoCs
Stars: ✭ 88 (+4.76%)
AirshipSecure Content Management for the Modern Web - "The sky is only the beginning"
Stars: ✭ 422 (+402.38%)
polscanZero-setup SSH-based scanner with extensive visualizations for Debian server inventory, policy compliance and vulnerabilities
Stars: ✭ 57 (-32.14%)
ThoronThoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.
Stars: ✭ 87 (+3.57%)
Grab N RunGrab’n Run, a simple and effective Java Library for Android projects to secure dynamic code loading.
Stars: ✭ 413 (+391.67%)
VwgenVulnerable Web applications Generator
Stars: ✭ 75 (-10.71%)
pythxA Python library for the MythX smart contract security analysis platform
Stars: ✭ 30 (-64.29%)
OpenvulnapiDocumentation and Tools for Cisco's PSIRT openVuln API
Stars: ✭ 73 (-13.1%)
JaelesThe Swiss Army knife for automated Web Application Testing
Stars: ✭ 1,073 (+1177.38%)
Bugs-feedBug's feed is a local hosted portal where you can search for the latest news, videos, CVEs, vulnerabilities...
Stars: ✭ 90 (+7.14%)
Juice Shop CtfCapture-the-Flag (CTF) environment setup tools for OWASP Juice Shop
Stars: ✭ 238 (+183.33%)
WhatwebNext generation web scanner
Stars: ✭ 3,503 (+4070.24%)
Application Security Engineer Interview QuestionsSome of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer
Stars: ✭ 267 (+217.86%)
CheatsheetseriesThe OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
Stars: ✭ 19,302 (+22878.57%)
sandfly-setupSandfly Security Agentless Compromise and Intrusion Detection System For Linux
Stars: ✭ 45 (-46.43%)