tutorialsAdditional Resources For Securing The Stack Tutorials
Stars: ✭ 36 (-89.02%)
Hacker ezinesA collection of electronic hacker magazines carefully curated over the years from multiple sources
Stars: ✭ 72 (-78.05%)
Python HoneypotOWASP Honeypot, Automated Deception Framework.
Stars: ✭ 160 (-51.22%)
ApicheckThe DevSecOps toolset for REST APIs
Stars: ✭ 184 (-43.9%)
multi-juicerRun Capture the Flags and Security Trainings with OWASP Juice Shop
Stars: ✭ 179 (-45.43%)
juice-shopOWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Stars: ✭ 7,533 (+2196.65%)
AstraAutomated Security Testing For REST API's
Stars: ✭ 1,898 (+478.66%)
cyclonedx-cliCycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.
Stars: ✭ 154 (-53.05%)
Owasp OrizonOwasp Orizon is a source code static analyzer tool designed to spot security issues in Java applications.
Stars: ✭ 130 (-60.37%)
SecurityratOWASP SecurityRAT (version 1.x) - Tool for handling security requirements in development
Stars: ✭ 115 (-64.94%)
FdsploitFile Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
Stars: ✭ 199 (-39.33%)
OSINTBookmarksOSINT Bookmarks for Firefox / Chrome / Edge / Safari
Stars: ✭ 34 (-89.63%)
Csrf Protector PhpCSRF Protector library: standalone library for CSRF mitigation
Stars: ✭ 178 (-45.73%)
PhpvulnAudit tool to find common vulnerabilities in PHP source code
Stars: ✭ 146 (-55.49%)
cyclonedx-dotnetCreates CycloneDX Software Bill of Materials (SBOM) from .NET Projects
Stars: ✭ 110 (-66.46%)
AmassIn-depth Attack Surface Mapping and Asset Discovery
Stars: ✭ 1,693 (+416.16%)
Find Sec BugsThe SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)
Stars: ✭ 1,748 (+432.93%)
inthewilddbHourly updated database of exploit and exploitation reports
Stars: ✭ 127 (-61.28%)
crAPIcompletely ridiculous API (crAPI)
Stars: ✭ 549 (+67.38%)
OwtfOffensive Web Testing Framework (OWTF), is a framework which tries to unite great tools and make pen testing more efficient http://owtf.org https://twitter.com/owtfp
Stars: ✭ 1,516 (+362.2%)
cwe-toolA command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.
Stars: ✭ 40 (-87.8%)
ThemisEasy to use cryptographic framework for data protection: secure messaging with forward secrecy and secure data storage. Has unified APIs across 14 platforms.
Stars: ✭ 1,232 (+275.61%)
Zap HudThe OWASP ZAP Heads Up Display (HUD)
Stars: ✭ 201 (-38.72%)
NIST-to-TechAn open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)
Stars: ✭ 61 (-81.4%)
Sbt Dependency CheckSBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈
Stars: ✭ 187 (-42.99%)
raiderOWASP Raider: a novel framework for manipulating the HTTP processes of persistent sessions
Stars: ✭ 88 (-73.17%)
Securetea ProjectThe OWASP SecureTea Project provides a one-stop security solution for various devices (personal computers / servers / IoT devices)
Stars: ✭ 181 (-44.82%)
BlueTeam.LabBlue Team detection lab created with Terraform and Ansible in Azure.
Stars: ✭ 82 (-75%)
Zap CliA simple tool for interacting with OWASP ZAP from the commandline.
Stars: ✭ 166 (-49.39%)
bank mitigationsAnti keylogger, anti screen logger... Strategy to protect with hookings or improve your sandbox with spyware detection... - Demo
Stars: ✭ 17 (-94.82%)
Bluemondaybluemonday: a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS
Stars: ✭ 2,135 (+550.91%)
github-watchmanMonitoring GitHub for sensitive data shared publicly
Stars: ✭ 60 (-81.71%)
Owasp Cloud SecurityOWASP Cloud Security - Enabling conversations through threat and control stories
Stars: ✭ 148 (-54.88%)
zap-sonar-pluginIntegrates OWASP Zed Attack Proxy reports into SonarQube
Stars: ✭ 66 (-79.88%)
Owaspheaders.coreA .NET Core middleware for injecting the Owasp recommended HTTP Headers for increased security
Stars: ✭ 138 (-57.93%)
SlidesThe repo contains all the slide deck that was used during my presentation at various webinars, conferences, and meetups.
Stars: ✭ 56 (-82.93%)
Go AgentSqreen's Application Security Management for the Go language
Stars: ✭ 134 (-59.15%)
Blue-Team-NotesYou didn't think I'd go and leave the blue team out, right?
Stars: ✭ 899 (+174.09%)
Django DefectdojoDefectDojo is an open-source application vulnerability correlation and security orchestration tool.
Stars: ✭ 1,926 (+487.2%)
headersAn application to catch, search and analyze HTTP secure headers.
Stars: ✭ 59 (-82.01%)
Awesome Hacking ResourcesA collection of hacking / penetration testing resources to make you better!
Stars: ✭ 11,466 (+3395.73%)
InsiderStatic Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).
Stars: ✭ 216 (-34.15%)
Mobile Security Framework MobsfMobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
Stars: ✭ 10,212 (+3013.41%)
Pwning Juice ShopGitBook markdown content for the eBook "Pwning OWASP Juice Shop"
Stars: ✭ 110 (-66.46%)
qradarUnofficial third-party scripts, playbooks, and content for IBM QRadar & QRadar Community Edition.
Stars: ✭ 53 (-83.84%)
www-project-zapOWASP Zed Attack Proxy project landing page.
Stars: ✭ 52 (-84.15%)
AsvsA simple web app that helps developers understand the ASVS requirements.
Stars: ✭ 80 (-75.61%)
Juice Shop CtfCapture-the-Flag (CTF) environment setup tools for OWASP Juice Shop
Stars: ✭ 238 (-27.44%)
ZaproxyThe OWASP ZAP core project
Stars: ✭ 9,078 (+2667.68%)
SecurecodingdojoThe Secure Coding Dojo is a platform for delivering secure coding training.
Stars: ✭ 216 (-34.15%)
MurMurHashThis little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.
Stars: ✭ 79 (-75.91%)
dummyDLLUtility for hunting UAC bypasses or COM/DLL hijacks that alerts on the exported function that was consumed.
Stars: ✭ 35 (-89.33%)
waf-brainMachine Learning WAF Based
Stars: ✭ 74 (-77.44%)
cheatsheetThese are some of the commands which I use frequently during Malware Analysis and DFIR.
Stars: ✭ 23 (-92.99%)
WstgThe Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
Stars: ✭ 3,873 (+1080.79%)