Awesome Open Source

Programming Languages

Search results for owasp top 10

57 search results found

Juice Shop ⭐ 9,577

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

Sql Injection Payload List ⭐ 3,966

🎯 SQL Injection Payload List

Mutillidae ⭐ 1,113

OWASP Mutillidae II is a free, open-source, deliberately vulnerable web application providing a target for web-security training. This is an easy-to-use web hacking environment designed for labs, security enthusiasts, classrooms, CTF, and vulnerability assessment tool targets.

vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.

Massive Web Application Penetration Testing Bug Bounty Notes ⭐ 877

Secdevlabs ⭐ 830

A laboratory for learning secure web and mobile development in a practical manner.

Proactive, Open source API security → API discovery, Testing in CI/CD, Test Library with 150+ Tests, Add custom tests, Sensitive data exposure

Damn Vulnerable NodeJS Application

Offensive Resources ⭐ 498

A Huge Learning Resources with Labs For Offensive Security Players

Igoat Swift ⭐ 315

OWASP iGoat (Swift) - A Damn Vulnerable Swift Application for iOS

Local Sheriff ⭐ 300

Think of Local sheriff as a recon tool in your browser (WebExtension). While you normally browse the internet, Local Sheriff works in the background to empower you in identifying what data points (PII) are being shared / leaked to which all third-parties.

Security compliance platform - SOC2, CMMC, ASVS, ISO27001, HIPAA, NIST CSF, NIST 800-53, CSC CIS 18, PCI DSS, SSF tracking. https://gapps.darkbanner.com

Forbidden ⭐ 208

Bypass 4xx HTTP response status codes and more. Based on PycURL and Python Requests.

Aws Firewall Factory ⭐ 205

Easily improve the security of your web applications with aws firewall factory. Protect your valuable assets with seamless WAF deployment, updates, and staging, all efficiently managed centrally with Firewall Manager.

Backup Finder ⭐ 129

A burp suite extension that reviews backup, old, temporary and unreferenced files on web server for sensitive information (OWASP WSTG-CONF-04, OTG-CONFIG-004)

Vulnplanet ⭐ 123

Vulnerable code snippets with fixes for Web2, Web3, API, iOS, Android and Infrastructure-as-Code (IaC)

Cve 2022 23808 ⭐ 110

Admin Panel_finder ⭐ 110

A burp suite extension that enumerates infrastructure and application admin interfaces (OTG-CONFIG-005)

Cybersecurity Handbook ⭐ 108

Cybersecurity handbook by One Beyond

Reactive Spring Security 5 Workshop ⭐ 103

Hands-On workshop for securing a reactive spring boot 2 application in multiple steps

Terraform Aws Waf Owasp Top 10 Rules ⭐ 87

A Terraform module to create AWF WAF Rules for OWASP Top 10 security risks protection.

Deeptracy ⭐ 84

The Security Dependency Orchestrator Service

Microservice Patterns ⭐ 67

Code to share the knowledge I gained while designing and implementing micro services

Www Project Top 10 Low Code No Code Security Risks ⭐ 56

OWASP Low-Code/No-Code Top 10

Vulwebaju ⭐ 51

VulWebaju is a platform that automates setting up your pen-testing environment for learning purposes.

Www Project Machine Learning Security Top 10 ⭐ 39

OWASP Machine Learning Security Top 10 Project

Tests Library ⭐ 27

Community generated list of API security tests to find OWASP top10, HackerOne top 10 vulnerabilities

Sqlinjection Training App ⭐ 27

A simple PHP application to learn SQL Injection detection and exploitation techniques.

Web Api Core Seed ⭐ 27

The objective of this project was to implement the most commonly used technologies, and to share as a base project for WEB API in NET Core 3.1

Automated API security testing

Clearlead ⭐ 20

The name is clear, the concept is simple. Run this to assess the external footprint of a given website. Hopefully, there will be a clear lead to follow.

Payload For Security Testing ⭐ 18

List out all of payload for security testing

A Deliberately Insecure Web Application

bWAPP latest modified for PHP7

Cloud Native Microservices Security ⭐ 14

Cloud-Native Microservice Security Bootcamp

Workshop Devsecops ⭐ 12

La intención de la workshop es mostrar y orientar a los equipos de desarrollo, seguridad y devops (entre otros) que quieran comenzar en DevSecOps, a segurar sus aplicaciones o bien a conocer un poco más acerca del desarrollo seguro, para esto, estaremos otorgando algunos tips e información que fuimos aprendiendo para armar un Pipeline DevSecOps básico.

Tryhackme Zero To Hero ⭐ 11

TryHackMe Roadmap

Hacking_tools ⭐ 11

All Type Of Tools written in multipule language .

Insecure Deserialisation Net Poc ⭐ 10

A small webserver vulnerable to insecure deserialization

Cyberspace ⭐ 10

View https://linktr.ee/martian1337 for the Gitbook!!

Owasp4net ⭐ 10

Demonstration of OWASP top 10 vulnerabilities in ASP.NET MVC

A (purpousely) vulnerable, social-media-like, django web application

Acquirer.sh ⭐ 9

acquirer.sh A Automated recon script made by @AlbonyCal

Appsec Notes ⭐ 9

My Application Security Notes - web, mobile, thick client, API, and more.

Mutillidae Dockerhub ⭐ 9

OWASP Mutillidae II is a free, open-source, deliberately vulnerable web application providing a target for web-security enthusiasts.

Nodueproject ⭐ 8

An automated system for requesting and approving no-due certificates for students at the end of each semester for universities and colleges.

Dvwa Writeup ⭐ 8

This repository contains writeups for Damn Vulnerable Web Application (DVWA).

Penetration Testing ⭐ 7

Offensive penetration testing. Perform multiple attack types against web applications, vulnerable programs and OSes in predefined and safe test environment

Ssti Flask Hacking Playground ⭐ 7

App with Server Side Template Injection (SSTI) vulnerability - in Flask. For web penetration testing / ethical hacking. Possible RCE :)

[Archived] A prototype 3-tier web application written in PureScript.

Xss_vulnerability_challenges ⭐ 5

this repository is a docker containing some "XSS vulnerability" challenges and bypass examples.

Owasp Webgoat Dot Net Docker ⭐ 5

Docker container for running OWASP WebGoat.NET application

Xss_finder ⭐ 5

Cross-Site Scripting (XSS) is one of the most well known web application vulnerabilities. It even has a dedicated chapter in the OWASP Top 10 project and it is a highly chased vulnerability in bug bounty programs. The xss finder gets a link from the user and scan the website for XSS vulnerability by injecting malicious scripts at the input place.

Bug Bounty Testing Essential Guideline Startup Bug Hunters ⭐ 5

Bug Bounty Testing Essential Guideline : Startup Bug Hunters

Cross Site Scripting ⭐ 5

🐞 Understand how cross-site scripting occurs, how to detect and exploit XSS vulnerabilities, giving you control of other visitor's browsers.

Kick Off Owasp_webapp_security_vulnerabilities ⭐ 5

Want to keep your Web application from getting hacked? Here's how to get serious about secure apps. So let's do it! Open Friday, Aug 2016 - Presentation Notes.

BSides, OWASP, DEFCON, RSAC, SANS Talk Material, References and Extra Bits

1-57 of 57 search results

Privacy | About | Terms | Follow Us On Twitter

Copyright 2018-2024 Awesome Open Source. All rights reserved.