vapivAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.
Stars: ✭ 674 (+1171.7%)
VbscanOWASP VBScan is a Black Box vBulletin Vulnerability Scanner
Stars: ✭ 295 (+456.6%)
juice-shop-ctfCapture-the-Flag (CTF) environment setup tools for OWASP Juice Shop supporting CTFd, FBCTF and RootTheBox
Stars: ✭ 287 (+441.51%)
GlueApplication Security Automation
Stars: ✭ 412 (+677.36%)
CIS-Ubuntu-20.04-AnsibleAnsible Role to Automate CIS v1.1.0 Ubuntu Linux 18.04 LTS, 20.04 LTS Remediation
Stars: ✭ 150 (+183.02%)
Security Code ScanVulnerability Patterns Detector for C# and VB.NET
Stars: ✭ 550 (+937.74%)
dotnet-security-unit-testsA web application that contains several unit tests for the purpose of .NET security
Stars: ✭ 25 (-52.83%)
SecurecodeboxsecureCodeBox (SCB) - continuous secure delivery out of the box
Stars: ✭ 279 (+426.42%)
bWAPPbWAPP latest modified for PHP7
Stars: ✭ 30 (-43.4%)
Juice ShopOWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Stars: ✭ 6,270 (+11730.19%)
dependency-track-maven-pluginMaven plugin that integrates with a Dependency Track server to submit dependency manifests and optionally fail execution when vulnerable dependencies are found.
Stars: ✭ 28 (-47.17%)
OpendoorOWASP WEB Directory Scanner
Stars: ✭ 586 (+1005.66%)
poc-jwtPOC about usage of JSON Web Tokens (JWT) in a secure way.
Stars: ✭ 18 (-66.04%)
MaryamMaryam: Open-source Intelligence(OSINT) Framework
Stars: ✭ 371 (+600%)
ftwFramework for Testing WAFs (FTW!)
Stars: ✭ 106 (+100%)
owasp-zap-jwt-addonOWASP ZAP addon for finding vulnerabilities in JWT Implementations
Stars: ✭ 23 (-56.6%)
WhatwebNext generation web scanner
Stars: ✭ 3,503 (+6509.43%)
dependency-check-pluginJenkins plugin for OWASP Dependency-Check. Inspects project components for known vulnerabilities (e.g. CVEs).
Stars: ✭ 107 (+101.89%)
ZscOWASP ZSC - Shellcode/Obfuscate Code Generator
Stars: ✭ 536 (+911.32%)
webdriverio-zap-proxyDemo - how to easily build security testing for Web App, using Zap and Glue
Stars: ✭ 58 (+9.43%)
cyclonedx-gomodCreates CycloneDX Software Bill of Materials (SBOM) from Go modules
Stars: ✭ 27 (-49.06%)
assimilation-officialThis is the official main repository for the Assimilation project
Stars: ✭ 47 (-11.32%)
Awesome AppsecA curated list of resources for learning about application security
Stars: ✭ 4,761 (+8883.02%)
specificationSoftware Bill of Material (SBOM) standard designed for use in application security contexts and supply chain component analysis
Stars: ✭ 129 (+143.4%)
JoomscanOWASP Joomla Vulnerability Scanner Project
Stars: ✭ 640 (+1107.55%)
dependency-check-py🔐 Shim to easily install OWASP dependency-check-cli into Python projects
Stars: ✭ 44 (-16.98%)
DvnaDamn Vulnerable NodeJS Application
Stars: ✭ 463 (+773.58%)
owtf-dockerDocker repository for OWTF (64-bit Kali)
Stars: ✭ 32 (-39.62%)
cyclonedx-maven-pluginCreates CycloneDX Software Bill of Materials (SBOM) from Maven projects
Stars: ✭ 103 (+94.34%)
Www CommunityOWASP Community Pages are a place where OWASP can accept community contributions for security-related content.
Stars: ✭ 409 (+671.7%)
containers-security-projectA place for documenting threats and mitigations related to containers orchestrators (Kubernetes, Swarm etc)
Stars: ✭ 25 (-52.83%)
AmassIn-depth Attack Surface Mapping and Asset Discovery
Stars: ✭ 6,284 (+11756.6%)
cyclonedx-pythonCreates CycloneDX Software Bill of Materials (SBOM) from Python projects and environments.
Stars: ✭ 78 (+47.17%)
cyclonedx-php-composerCreate CycloneDX Software Bill of Materials (SBOM) from PHP Composer projects
Stars: ✭ 20 (-62.26%)
NettackerAutomated Penetration Testing Framework
Stars: ✭ 982 (+1752.83%)
cwe-sdk-javascriptA Common Weakness Enumeration (CWE) Node.js SDK compliant with MITRE / CAPEC
Stars: ✭ 18 (-66.04%)
CheatsheetseriesThe OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
Stars: ✭ 19,302 (+36318.87%)
OWASP-Calculator🧮 An online calculator to assess the risk of web vulnerabilities based on OWASP Risk Assessment
Stars: ✭ 109 (+105.66%)
Cdk ConstructsA collection of higher-level aws cdk constructs: slack-approval-workflow, #slack & msteams notifications, chatops, blue-green-container-deployment, codecommit-backup, OWASP dependency-check, contentful-webhook, github-webhook, stripe-webhook, static-website, pull-request-check, pull-request-approval-rule, codepipeline-merge-action, codepipeline-check-parameter-action...
Stars: ✭ 282 (+432.08%)
aks-baseline-regulatedThis is the Azure Kubernetes Service (AKS) baseline cluster for regulated workloads reference implementation as produced by the Microsoft Azure Architecture Center.
Stars: ✭ 73 (+37.74%)
Iotgoat IoTGoat is a deliberately insecure firmware created to educate software developers and security professionals with testing commonly found vulnerabilities in IoT devices.
Stars: ✭ 275 (+418.87%)
aws-firewall-factoryDeploy, update, and stage your WAFs while managing them centrally via FMS.
Stars: ✭ 72 (+35.85%)
Owasp VwadThe OWASP Vulnerable Web Applications Directory project (VWAD) is a comprehensive and well maintained registry of all known vulnerable web applications currently available.
Stars: ✭ 487 (+818.87%)
DvwsOWSAP Damn Vulnerable Web Sockets (DVWS) is a vulnerable web application which works on web sockets for client-server communication.
Stars: ✭ 267 (+403.77%)
Express Securitynodejs + express security and performance boilerplate.
Stars: ✭ 37 (-30.19%)
BlackwidowA Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
Stars: ✭ 887 (+1573.58%)
Dependency TrackDependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
Stars: ✭ 718 (+1254.72%)