Awesome Open Source
Search results for owasp
612 search results found
Cheatsheetseries
⭐
26,354
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
Mobile Security Framework Mobsf
⭐
16,123
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
Awesome Hacking Resources
⭐
14,679
A collection of hacking / penetration testing resources to make you better!
Zaproxy
⭐
11,661
The ZAP core project
Awesome Hacking
⭐
11,438
A curated list of awesome Hacking tutorials, tools and resources
Amass
⭐
11,421
In-depth attack surface mapping and asset discovery
Juice Shop
⭐
9,577
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Wstg
⭐
6,220
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
Awesome Appsec
⭐
5,722
A curated list of resources for learning about application security
Awesome Web Hacking
⭐
5,260
A list of web application security
Whatweb
⭐
5,110
Next generation web scanner
Top10
⭐
3,906
Official OWASP Top 10 Document Repository
Kubernetes Goat
⭐
3,694
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀
Retire.js
⭐
3,448
scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.
Django Defectdojo
⭐
3,433
DevSecOps, ASPM, Vulnerability Management. All on one platform.
Nettacker
⭐
2,915
Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management
Bluemonday
⭐
2,883
bluemonday: a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS
Awesome Hacking
⭐
2,716
Awesome hacking is an awesome collection of hacking tools.
Awesome Nodejs Security
⭐
2,515
Awesome Node.js Security resources
Astra
⭐
2,449
Automated Security Testing For REST APIs
Asvs
⭐
2,421
Application Security Verification Standard
Pentest Wiki
⭐
2,307
PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.
Find Sec Bugs
⭐
2,160
The SpotBugs plugin for security audits of Java web applications and Android applications. (Also works with Kotlin, Groovy and Scala projects)
Dependency Track
⭐
2,119
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
Hunt
⭐
2,011
Devguide
⭐
2,003
The OWASP Guide
Owasp Masvs
⭐
1,938
The OWASP MASVS (Mobile Application Security Verification Standard) is the industry standard for mobile app security.
Api Security
⭐
1,849
OWASP API Security Project
Coreruleset
⭐
1,836
OWASP ModSecurity Core Rule Set (Official Repository)
Practical.cleanarchitecture
⭐
1,789
Full-stack .Net 8 Clean Architecture (Microservices, Modular Monolith, Monolith), Blazor, Angular 17, React 18, Vue 3, BFF with YARP, Domain-Driven Design, CQRS, SOLID, Asp.Net Core Identity Custom Storage, OpenID Connect, Entity Framework Core, Selenium, SignalR, Hosted Services, Health Checks, Rate Limiting, Cloud Services (Azure, AWS, Google)...
Themis
⭐
1,779
Easy to use cryptographic framework for data protection: secure messaging with forward secrecy and secure data storage. Has unified APIs across 14 platforms.
Awesome Golang Security
⭐
1,768
Awesome Golang Security resources 🕶🔐
Owtf
⭐
1,719
Offensive Web Testing Framework (OWTF), is a framework which tries to unite great tools and make pen testing more efficient http://owtf.org https://twitter.com/owtfp
Coraza
⭐
1,629
OWASP Coraza WAF is a golang modsecurity compatible web application firewall library
Bearer
⭐
1,554
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
Devsecops
⭐
1,451
♾️ Collection and Roadmap for everyone who wants DevSecOps. Hope your DevOps are more safe 😎
Blackwidow
⭐
1,448
A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
Owasp Web Checklist
⭐
1,404
OWASP Web Application Security Testing Checklist
Gotestwaf
⭐
1,354
An open-source project in Golang to assess different API Security tools and WAF for detection logic and bypasses
Wrongsecrets
⭐
1,168
Vulnerable app with examples showing how to not use secrets
Awesome Threat Modelling
⭐
1,148
A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for learning Threat modeling and initial phases of security review.
Awesome Devsecops
⭐
1,128
Curating the best DevSecOps resources and tooling.
Mutillidae
⭐
1,113
OWASP Mutillidae II is a free, open-source, deliberately vulnerable web application providing a target for web-security training. This is an easy-to-use web hacking environment designed for labs, security enthusiasts, classrooms, CTF, and vulnerability assessment tool targets.
Joomscan
⭐
1,033
OWASP Joomla Vulnerability Scanner Project https://www.secologist.com/
Www Community
⭐
982
OWASP Community Pages are a place where OWASP can accept community contributions for security-related content.
Awesome Hacking
⭐
928
awesome hacking chinese version
Vapi
⭐
898
vAPI is a Vulnerable Adversely Programmed Interface, a self-hostable API that mimics OWASP API Top 10 scenarios through exercises.
Massive Web Application Penetration Testing Bug Bounty Notes
⭐
877
Vulstudy
⭐
876
Quickly set up the major vulnerability practice ranges using Docker; 17 ranges can currently be set up with one click.
Crapi
⭐
859
completely ridiculous API (crAPI)
Railsgoat
⭐
827
A vulnerable version of Rails that follows the OWASP Top 10
Opendoor
⭐
821
OWASP WEB Directory Scanner
Maryam
⭐
807
Maryam: Open-source Intelligence(OSINT) Framework
Security Code Scan
⭐
801
Vulnerability Patterns Detector for C# and VB.NET
Skf Flask
⭐
794
Security Knowledge Framework (SKF) Python Flask / Angular project
Owasp Vwad
⭐
790
The OWASP Vulnerable Web Applications Directory project (VWAD) is a comprehensive and well maintained registry of all known vulnerable web applications currently available.
Awesome Vulnerable
⭐
789
A curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.
Zap Extensions
⭐
781
ZAP Add-ons
Awesome Vulnerable Apps
⭐
764
Awesome Vulnerable Applications
Vulnerable Code Snippets
⭐
749
Twitter vulnerable snippets
Threat Dragon
⭐
738
An open source threat modeling tool from OWASP
Freelearningresourcesforsoftwaretesters
⭐
736
A New Project to create a set of links to free Online Learning Resources for New and Experienced Software Testers.
Jshielder
⭐
677
Hardening Script for Linux Servers/ Secure LAMP-LEMP Deployer/ CIS Benchmark
Betterscan Ce
⭐
673
Code Scanning/SAST/Static Analysis/Linting using many tools/Scanners + OpenAI GPT with One Report (Code, IaC) - Betterscan Community Edition (CE)
Securecodebox
⭐
667
secureCodeBox (SCB) - continuous secure delivery out of the box
Vampi
⭐
659
Vulnerable REST API with OWASP top 10 vulnerabilities for security testing
Nuxt Security
⭐
652
🛡 Security Module for Nuxt based on HTTP Headers and Middleware
Dvna
⭐
633
Damn Vulnerable NodeJS Application
Zsc
⭐
628
OWASP ZSC - Shellcode/Obfuscate Code Generator https://www.secologist.com/
Oscp Prep
⭐
619
A comprehensive guide/material for anyone looking to get into infosec or take the OSCP exam
Docker Security
⭐
588
Getting a handle on container security
Owasp Threat Dragon Desktop
⭐
586
An installable desktop variant of OWASP Threat Dragon
Apkhunt
⭐
580
APKHunt is a comprehensive static code analysis tool for Android apps that is based on the OWASP MASVS framework. Although APKHunt is intended primarily for mobile app developers and security testers, it can be used by anyone to identify and address potential security vulnerabilities in their code.
Esapi Java Legacy
⭐
578
ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library that makes it easier for programmers to write lower-risk applications.
Devsecopsguideline
⭐
567
The OWASP DevSecOps Guideline can help us embed security as a part of the development pipeline.
Cdk Constructs
⭐
561
A collection of higher-level reusable cdk constructs
Openappsec
⭐
557
open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo includes the main code and logic.
Www Project Kubernetes Top Ten
⭐
533
OWASP Foundation Web Repository
Dependency Check Sonar Plugin
⭐
532
Integrates Dependency-Check reports into SonarQube
Offensive Resources
⭐
498
A Huge Learning Resources with Labs For Offensive Security Players
Glue
⭐
497
Application Security Automation
Adhrit
⭐
484
Android Security Suite for in-depth reconnaissance and static bytecode analysis based on Ghera benchmarks.
Securecodingdojo
⭐
471
The Secure Coding Dojo is a platform for delivering secure coding knowledge.
Getting Into Infosec And Cybersecurity
⭐
462
A shorter, less intimidating list of infosec resources helpful for anyone trying to learn.
Owasp Threat Dragon
⭐
440
An open source, online threat modelling tool from OWASP
Awesome Dotnet Security
⭐
430
Awesome .NET Security Resources
Python Honeypot
⭐
404
OWASP Honeypot, Automated Deception Framework.
Skf Labs
⭐
402
Repo for all the OWASP-SKF Docker lab examples
Juice Shop Ctf
⭐
399
Tool to export Juice Shop challenges and hints in data format compatible with CTFd, RootTheBox or FBCTF
Mara_framework
⭐
393
MARA is a Mobile Application Reverse engineering and Analysis Framework. It is a toolkit that puts together commonly used mobile application reverse engineering and analysis tools to assist in testing mobile applications against the OWASP mobile security threats.
Owasp Xenotix Xss Exploit Framework
⭐
393
OWASP Xenotix XSS Exploit Framework is an advanced Cross Site Scripting (XSS) vulnerability detection and exploitation framework.
Samuraiwtf
⭐
383
The main SamuraiWTF collaborative distro repo.
Cdxgen
⭐
382
Creates CycloneDX Software Bill of Materials (SBOM) for your projects from source and container images. Supports many languages and package managers. Integrate in your CI/CD pipeline with automatic submission to Dependency Track server. Slack: https://cyclonedx.slack.com/archives/C04NFFE1962
Owasp Pysec
⭐
373
OWASP Python Security Project
Domain Protect
⭐
369
OWASP Domain Protect - prevent subdomain takeover
Vacuum
⭐
355
vacuum is the world's fastest OpenAPI 3, OpenAPI 2 / Swagger linter and quality analysis tool. Built in Go, it tears through API specs faster than you can think. vacuum is compatible with Spectral rulesets and generates compatible reports.
Www Project Web Security Testing Guide
⭐
351
The Web Security Testing Guide (WSTG) Project produces the premier cybersecurity testing resource for web application developers and security professionals.
Zend Escaper
⭐
322
Escaper component from Zend Framework
Vbscan
⭐
322
OWASP VBScan is a Black Box vBulletin Vulnerability Scanner
Igoat Swift
⭐
315
OWASP iGoat (Swift) - A Damn Vulnerable Swift Application for iOS
1-100 of 612 search results
Copyright 2018-2024 Awesome Open Source. All rights reserved.