tutorialsAdditional Resources For Securing The Stack Tutorials
Stars: ✭ 36 (-62.89%)
Juice ShopOWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Stars: ✭ 6,270 (+6363.92%)
Application Security Engineer Interview QuestionsSome of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer
Stars: ✭ 267 (+175.26%)
juice-shopOWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Stars: ✭ 7,533 (+7665.98%)
WhatwebNext generation web scanner
Stars: ✭ 3,503 (+3511.34%)
vapivAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.
Stars: ✭ 674 (+594.85%)
juice-shop-ctfCapture-the-Flag (CTF) environment setup tools for OWASP Juice Shop supporting CTFd, FBCTF and RootTheBox
Stars: ✭ 287 (+195.88%)
netizenshipa commandline #OSINT tool to find the online presence of a username in popular social media websites like Facebook, Instagram, Twitter, etc.
Stars: ✭ 33 (-65.98%)
CheatsheetseriesThe OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
Stars: ✭ 19,302 (+19798.97%)
Sbt Dependency CheckSBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈
Stars: ✭ 187 (+92.78%)
Juice Shop CtfCapture-the-Flag (CTF) environment setup tools for OWASP Juice Shop
Stars: ✭ 238 (+145.36%)
SecurityratOWASP SecurityRAT (version 1.x) - Tool for handling security requirements in development
Stars: ✭ 115 (+18.56%)
PentestingMisc. Public Reports of Penetration Testing and Security Audits.
Stars: ✭ 24 (-75.26%)
aquatoneA Tool for Domain Flyovers
Stars: ✭ 43 (-55.67%)
APAC-MeetupsA community contributed consolidated list of InfoSec meetups in the Asia Pacific region.
Stars: ✭ 52 (-46.39%)
Race The WebTests for race conditions in web applications. Includes a RESTful API to integrate into a continuous integration pipeline.
Stars: ✭ 385 (+296.91%)
Security ToolsCollection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Stars: ✭ 509 (+424.74%)
DirsearchWeb path scanner
Stars: ✭ 7,246 (+7370.1%)
Oob ServerA Bind9 server for pentesters to use for Out-of-Band vulnerabilities
Stars: ✭ 125 (+28.87%)
KurukshetraKurukshetra - A framework for teaching secure coding by means of interactive problem solving.
Stars: ✭ 131 (+35.05%)
dontgo403Tool to bypass 40X response codes.
Stars: ✭ 457 (+371.13%)
dependency-check-pluginJenkins plugin for OWASP Dependency-Check. Inspects project components for known vulnerabilities (e.g. CVEs).
Stars: ✭ 107 (+10.31%)
SnoopSnoop — инструмент разведки на основе открытых данных (OSINT world)
Stars: ✭ 886 (+813.4%)
nodejssecurityDocumentation for Essential Node.js Security
Stars: ✭ 64 (-34.02%)
toolkitThe essential toolkit for reversing, malware analysis, and cracking
Stars: ✭ 176 (+81.44%)
zap-sonar-pluginIntegrates OWASP Zed Attack Proxy reports into SonarQube
Stars: ✭ 66 (-31.96%)
ctf-writeupsWriteups of CTF challenges
Stars: ✭ 19 (-80.41%)
Damn-Vulnerable-BankDamn Vulnerable Bank is designed to be an intentionally vulnerable android application. This provides an interface to assess your android application security hacking skills.
Stars: ✭ 379 (+290.72%)
Infosec referenceAn Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
Stars: ✭ 4,162 (+4190.72%)
Ctf Writeups PublicWriteups for infosec Capture the Flag events by team Galaxians
Stars: ✭ 331 (+241.24%)
Name That Hash🔗 Don't know what type of hash it is? Name That Hash will name that hash type! 🤖 Identify MD5, SHA256 and 3000+ other hashes ☄ Comes with a neat web app 🔥
Stars: ✭ 540 (+456.7%)
ggtfobinsGet GTFOBins info about a given exploit from the command line
Stars: ✭ 27 (-72.16%)
Pentesting toolkit🏴☠️ Tools for pentesting, CTFs & wargames. 🏴☠️
Stars: ✭ 1,268 (+1207.22%)
PurifyAll-in-one tool for managing vulnerability reports from AppSec pipelines
Stars: ✭ 72 (-25.77%)
BasecrackDecode All Bases - Base Scheme Decoder
Stars: ✭ 196 (+102.06%)
1earnffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Stars: ✭ 3,715 (+3729.9%)
Www CommunityOWASP Community Pages are a place where OWASP can accept community contributions for security-related content.
Stars: ✭ 409 (+321.65%)
Awesome AppsecA curated list of resources for learning about application security
Stars: ✭ 4,761 (+4808.25%)
Dependency TrackDependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
Stars: ✭ 718 (+640.21%)
Owasp VwadThe OWASP Vulnerable Web Applications Directory project (VWAD) is a comprehensive and well maintained registry of all known vulnerable web applications currently available.
Stars: ✭ 487 (+402.06%)
ZaproxyThe OWASP ZAP core project
Stars: ✭ 9,078 (+9258.76%)
Zap HudThe OWASP ZAP Heads Up Display (HUD)
Stars: ✭ 201 (+107.22%)
Python HoneypotOWASP Honeypot, Automated Deception Framework.
Stars: ✭ 160 (+64.95%)
WstgThe Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
Stars: ✭ 3,873 (+3892.78%)
MyJWTA cli for cracking, testing vulnerabilities on Json Web Token(JWT)
Stars: ✭ 92 (-5.15%)
Awesome Hacking ResourcesA collection of hacking / penetration testing resources to make you better!
Stars: ✭ 11,466 (+11720.62%)
challengesSecurity challenges and CTFs created by the Penultimate team.
Stars: ✭ 13 (-86.6%)
haiti🔑 Hash type identifier (CLI & lib)
Stars: ✭ 287 (+195.88%)
NIST-to-TechAn open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)
Stars: ✭ 61 (-37.11%)