Asvs
A simple web app that helps developers understand the ASVS requirements.
Stars: ✭ 80 (+220%)
Slides
The repo contains all the slide deck that was used during my presentation at various webinars, conferences, and meetups.
Stars: ✭ 56 (+124%)
Mobile Security Framework Mobsf
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
Stars: ✭ 10,212 (+40748%)
www-project-csrfguard
The aim of this project is to protect Java applications against CSRF attacks with the use of Synchronizer Tokens
Stars: ✭ 43 (+72%)
Zaproxy
The OWASP ZAP core project
Stars: ✭ 9,078 (+36212%)
vilicus
Vilicus is an open source tool that orchestrates security scans of container images (docker/oci) and centralizes all results into a database for further analysis and metrics.
Stars: ✭ 82 (+228%)
exploits
Some of my public exploits
Stars: ✭ 50 (+100%)
Threat Dragon
An open source, online threat modelling tool from OWASP
Stars: ✭ 57 (+128%)
Bughound
Static code analysis tool based on Elasticsearch
Stars: ✭ 124 (+396%)
Express Security
nodejs + express security and performance boilerplate.
Stars: ✭ 37 (+48%)
moodlescan
Tool for scan vulnerabilities in Moodle platforms
Stars: ✭ 54 (+116%)
Blackwidow
A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
Stars: ✭ 887 (+3448%)
Juice Shop Ctf
Capture-the-Flag (CTF) environment setup tools for OWASP Juice Shop
Stars: ✭ 238 (+852%)
waf-brain
Machine Learning WAF Based
Stars: ✭ 74 (+196%)
Dependency Track
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
Stars: ✭ 718 (+2772%)
Securecodingdojo
The Secure Coding Dojo is a platform for delivering secure coding training.
Stars: ✭ 216 (+764%)
Opendoor
OWASP WEB Directory Scanner
Stars: ✭ 586 (+2244%)
wafbypasser
No description or website provided.
Stars: ✭ 73 (+192%)
Zap Hud
The OWASP ZAP Heads Up Display (HUD)
Stars: ✭ 201 (+704%)
Zsc
OWASP ZSC - Shellcode/Obfuscate Code Generator
Stars: ✭ 536 (+2044%)
Sbt Dependency Check
SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈
Stars: ✭ 187 (+648%)
webdriverio-zap-proxy
Demo - how to easily build security testing for Web App, using Zap and Glue
Stars: ✭ 58 (+132%)
Awesome Hacking Resources
A collection of hacking / penetration testing resources to make you better!
Stars: ✭ 11,466 (+45764%)
Glue
Application Security Automation
Stars: ✭ 412 (+1548%)
Securetea Project
The OWASP SecureTea Project provides a one-stop security solution for various devices (personal computers / servers / IoT devices)
Stars: ✭ 181 (+624%)
Maryam
Maryam: Open-source Intelligence (OSINT) Framework
Stars: ✭ 371 (+1384%)
juice-shop
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Stars: ✭ 7,533 (+30032%)
Vbscan
OWASP VBScan is a Black Box vBulletin Vulnerability Scanner
Stars: ✭ 295 (+1080%)
Zap Cli
A simple tool for interacting with OWASP ZAP from the commandline.
Stars: ✭ 166 (+564%)
Whatweb
Next generation web scanner
Stars: ✭ 3,503 (+13912%)
Athena
Test your Security Skills, and Clean Code Development as a Pythonist, Hacker & Warrior 🥷🏻
Stars: ✭ 43 (+72%)
Securecodebox
secureCodeBox (SCB) - continuous secure delivery out of the box
Stars: ✭ 279 (+1016%)
Bluemonday
bluemonday: a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS
Stars: ✭ 2,135 (+8440%)
tutorials
Additional Resources For Securing The Stack Tutorials
Stars: ✭ 36 (+44%)
Owasp Cloud Security
OWASP Cloud Security - Enabling conversations through threat and control stories
Stars: ✭ 148 (+492%)
assimilation-official
This is the official main repository for the Assimilation project
Stars: ✭ 47 (+88%)
juice-shop-ctf
Capture-the-Flag (CTF) environment setup tools for OWASP Juice Shop supporting CTFd, FBCTF and RootTheBox
Stars: ✭ 287 (+1048%)
Owaspheaders.core
A .NET Core middleware for injecting the Owasp recommended HTTP Headers for increased security
Stars: ✭ 138 (+452%)
dependency-track-maven-plugin
Maven plugin that integrates with a Dependency Track server to submit dependency manifests and optionally fail execution when vulnerable dependencies are found.
Stars: ✭ 28 (+12%)
crAPI
completely ridiculous API (crAPI)
Stars: ✭ 549 (+2096%)
Go Agent
Sqreen's Application Security Management for the Go language
Stars: ✭ 134 (+436%)
poc-jwt
POC about usage of JSON Web Tokens (JWT) in a secure way.
Stars: ✭ 18 (-28%)
Django Defectdojo
DefectDojo is an open-source application vulnerability correlation and security orchestration tool.
Stars: ✭ 1,926 (+7604%)
aws-firewall-factory
Deploy, update, and stage your WAFs while managing them centrally via FMS.
Stars: ✭ 72 (+188%)
nodejssecurity
Documentation for Essential Node.js Security
Stars: ✭ 64 (+156%)
NetworkAlarm
A tool to monitor local network traffic for possible security vulnerabilities. Warns user against possible nmap scans, Nikto scans, credentials sent in-the-clear, and shellshock attacks. Currently supports live monitoring and network capture (pcap) scanning.
Stars: ✭ 17 (-32%)
multi-juicer
Run Capture the Flags and Security Trainings with OWASP Juice Shop
Stars: ✭ 179 (+616%)
Securityrat
OWASP SecurityRAT (version 1.x) - Tool for handling security requirements in development
Stars: ✭ 115 (+360%)