Awesome Open Source

Programming Languages

Search results for owasp

612 search results found

Admin Panel_finder ⭐ 110

A burp suite extension that enumerates infrastructure and application admin interfaces (OTG-CONFIG-005)

Framework for Testing WAFs (FTW!)

List Of Web Application Security ⭐ 107

List of web application security

Libsast ⭐ 106

Generic SAST Library

Software Component Verification Standard ⭐ 106

Software Component Verification Standard (SCVS)

Pentestkit ⭐ 106

OWASP PTK - application security browser extension.

Bom Examples ⭐ 105

A repository with examples of CycloneDX BOMs (SBOM, SaaSBOM, OBOM, VEX, etc)

Aks Baseline Regulated ⭐ 105

This is the Azure Kubernetes Service (AKS) baseline cluster for regulated workloads reference implementation as produced by the Microsoft Azure Architecture Center.

Software Supply Chain Security ⭐ 102

A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling, books, articles and a plethora of learning resources from the web.

Mobile App Pentest ⭐ 101

OWASP Raider: a novel framework for manipulating the HTTP processes of persistent sessions

Owasp Esapi Js ⭐ 96

An UNMAINTAINTED project originally exported from code.google.com/p/owasp-esapi-js. This project is deprecated. See the README.md for further details and possible alternatives.

[A]ndroid [A]pplication [P]entest [G]uide

OWASP BLT is a bug logging tool to report issues and get points, companies are held accountable.

Nugetdefense ⭐ 91

An MSBuildTask that checks for known vulnerabilities. Inspired by OWASP SafeNuGet.

Deeptracy ⭐ 84

The Security Dependency Orchestrator Service

Terraform Aws Waf Owasp ⭐ 84

AWS WAF at terraform modules to mitigate OWASP’s Top 10 Web Application Vulnerabilities

Awesome Security Collection ⭐ 83

1000+ Github Security Resource Collection Repos.

Web 漏洞检测工具

Kubelight ⭐ 76

OWASP Kubernetes security and compliance tool [WIP]

Threat Dragon Desktop ⭐ 76

Desktop variant of OWASP Threat Dragon

About iMAS - iOS Mobile Application

Traefik Modsecurity Plugin ⭐ 74

Traefik plugin to proxy requests to owasp/modsecurity-crs:apache container

Owasp Wte ⭐ 71

Home of the developement for OWASP WTE - the Web Testing Environment, a collection of pre-packaged Linux AppSec tools, apps and documentation used to create pre-configured VMs or installed ala carte in the Linux of your choice..

Malwarescanner ⭐ 71

Simple Malware Scanner written in python

Owasp Workshop Android Pentest ⭐ 69

Learning Penetration Testing of Android Applications

Essential Nodejs Security Book ⭐ 69

Documentation for Essential Node.js Security

Owaspwebgoatphp ⭐ 68

A deliberately vulnerable web application for learning web application security.

Resources For Application Security ⭐ 67

Some good resources for getting started with application security

Www Project Csrfguard ⭐ 67

The aim of this project is to protect Java applications against CSRF attacks with the use of Synchronizer Tokens

Ssl Baseline ⭐ 67

DevSec SSL/TLS Baseline - InSpec Profile

Zap Sonar Plugin ⭐ 66

Integrates OWASP Zed Attack Proxy reports into SonarQube

Dockermutillidae ⭐ 64

Docker container for OWASP Mutillidae II Web Pen-Test Practice Application

Djangoat ⭐ 62

Python and Django implementation of the OWASP RailsGoat project

Varnish Firewall

Cyclonedx Core Java ⭐ 61

CycloneDX SBOM Model and Utils for Creating and Validating BOMs

Cyclonedx Rust Cargo ⭐ 61

Creates CycloneDX Software Bill of Materials (SBOM) from Rust (Cargo) projects

Breachdetector ⭐ 61

Detect root, emulation, debug mode and other security concerns in your Xamarin apps

Mutillidae Docker ⭐ 60

OWASP Mutillidae II is a free, open-source, deliberately vulnerable web application providing a target for web-security enthusiasts.

Owasp Seraphimdroid ⭐ 60

OWASP Seraphimdroid is an open source project with aim to create, as a community, an open platform for education and protection of Android users against privacy and security threats.

Wordpress Modsecurity Ruleset ⭐ 59

ModSecurity Rule Set for WordPress (WPRS)

Vulnerable Python Application To Learn Secure Development

Cyclonedx Node Npm ⭐ 58

Create CycloneDX Software Bill of Materials (SBOM) from Node.js NPM projects.

Wafbypasser ⭐ 58

Fluentsharp ⭐ 58

Fluent API for the .NET Framework (used by the O2 Platform)

Easy to use command line security scanner

Certverify ⭐ 57

A scanner that files with compromised or untrusted code signing certificates written in python.

Oshp Validator ⭐ 57

Venom tests suite to validate an HTTP security response headers configuration against OSHP recommendation.

Www Project Threat Dragon ⭐ 56

OWASP Foundation Threat Dragon Project Web Repository

Tryhackme Write Up ⭐ 56

The entire walkthrough of all my resolved TryHackMe rooms

Www Project Top 10 Low Code No Code Security Risks ⭐ 56

OWASP Low-Code/No-Code Top 10

Sso_project ⭐ 55

OWASP Single Sign-On allows a secure-by-default self-hosted SSO experience, including phishing-proof two-factor authentication, using state-of-the-art security mechanisms.

Webdriverio Zap Proxy ⭐ 54

Demo - how to easily build security testing for Web App, using Zap and Glue

Cyclonedx Go ⭐ 54

Go library to consume and produce CycloneDX Software Bill of Materials (SBOM)

Ng Owasp ⭐ 53

ng-owasp: OWASP Top 10 for AngularJS Applications

Xxelixir ⭐ 53

This tool is designed to test for file upload and XXE vulnerabilities by poisoning XLSX files.

Auth Template ⭐ 53

A template for web apps with user auth using OWASP best practices and pedestal

Sbom Utility ⭐ 52

Utility that provides an API platform for validating, querying and managing BOM data

Awesome Infosec ⭐ 52

A curated list of awesome infosec blog posts, courses, books and more!

Sqli Postgres Rce Privesc Hacking Playground ⭐ 52

Application with SQL Injection vulnerability and possible privilege escalation. Free vulnerable app for ethical hacking / penetration testing training.

A Report Generation Tool for Security Assessment

Cyclonedx Bom Repo Server ⭐ 51

A BOM repository server for distributing CycloneDX BOMs

Dependency Track Maven Plugin ⭐ 50

Maven plugin that integrates with a Dependency Track server to submit dependency manifests and optionally fail execution when vulnerable dependencies are found.

Cyclonedx Python Lib ⭐ 50

Python library for CycloneDX

Zap Plugin ⭐ 49

The OWASP ZAP Jenkins Plugin extends the functionality of the ZAP security tool into a CI Environment.

Assimilation Official ⭐ 49

This is the official main repository for the Assimilation project

Docker Alpine Nginx Modsec ⭐ 48

Alpine build of nginx with modsec and owasp rules

Securebank ⭐ 46

Zap Scripts ⭐ 45

Zed Attack Proxy Scripts for finding CVEs and Secrets.

Conviso Vulnerable Web Application is the OSS project from the Conviso Application Security for the community. The project represents a vulnerable web application to practice security testing and improve your learning in AppSec..

An application to catch, search and analyze HTTP secure headers.

Owasp Esapi Ruby ⭐ 45

The Owasp Esapi Ruby is a port for outstanding release quality Owasp Esapi project to the Ruby programming language. The idea is to build a Ruby gem (the standard ruby library archive format) containing the Esapi concepts implemented in Ruby classes so people using Ruby in their Rails application can have security into them.

Www Project Secure Coding Practices Quick Reference Guide ⭐ 44

OWASP Foundation Project Web Repository for Secure Coding Practices Quick-reference Guide

Www Project Developer Guide ⭐ 44

OWASP Project Developer Guide - Document and Project Web pages

Threat Model Playbook ⭐ 43

Cwe Tool ⭐ 42

A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.

Test your Security Skills, and Clean Code Development as a Pythonist, Hacker & Warrior 🥷🏻

Zap Api Java ⭐ 42

Multiscanner ⭐ 40

Security Tool which scans a target using OpenVAS, Zap, and Nexpose. And consolidates the scan result.

Nakerah Lab V1 ⭐ 39

Www Project Machine Learning Security Top 10 ⭐ 39

OWASP Machine Learning Security Top 10 Project

Zap Api Nodejs ⭐ 39

Kube Owasp Zap ⭐ 38

Owasp Zap chart for Kubernetes

draft for Japanese translation of OWASP Application Security Verification Standard

Oskari Server ⭐ 38

Backend implementation for Oskari Map Application Framework

Owasp Jenkins ⭐ 38

Want to test your applications using the latest OWASP security toolchains and the NIST National Vulnerability Database using Jenkins, Ansible and docker? 🐳 🛡️ 🔒

Www Project Code Review Guide ⭐ 37

OWASP Code Review Guide Web Repository

Dependency Track Plugin ⭐ 37

Main repository for the official Dependency-Track Jenkins plugin

Embeddedappsec ⭐ 37

Embedded AppSec Best Practices

Cyclonedx Php Composer ⭐ 37

Create CycloneDX Software Bill of Materials (SBOM) from PHP Composer projects

Dependency Check Py ⭐ 37

🔐 Shim to easily install OWASP dependency-check-cli into Python projects

Android Vulnerabilities ⭐ 36

Covers Top 10 OWASP Mobile Vulnerabilities

Owasp Swag ⭐ 35

Swag for the OWASP projects and chapters

Onesie Life ⭐ 34

🔓 Onesie.life is a fictional social media network that has intentional vulnerabilities

Webgoatphp ⭐ 34

WebGoatPHP is a port of WebGoat to PHP and MySQL/SQLite databases.

Ukraine Infosec Conferences ⭐ 34

Анонси, програми та архів матеріалів українських конференцій з кібер-безпеки.

Kubernetes Ingress controller with integrated Wallarm services

HackBar Quantum is a sidebar that assists you with web application security testing, it's aim is to help make those tedious tasks a little bit easier. This add-on is a predecessor to the original HackBar that is not compatible with Firefox Quantum.

Awesome Hacking Resources ⭐ 33

201-300 of 612 search results

Privacy | About | Terms | Follow Us On Twitter

Copyright 2018-2024 Awesome Open Source. All rights reserved.