Awesome Open Source
Search results for python application security
27 search results found
Dirsearch
⭐
11,165
Web path scanner
Faraday
⭐
4,422
Open Source Vulnerability Management Platform
W3af
⭐
4,142
w3af: web application attack and audit framework, the open source web vulnerability scanner.
Django Defectdojo
⭐
3,336
DevSecOps, ASPM, Vulnerability Management. All on one platform.
Cicd Goat
⭐
1,723
A deliberately vulnerable CI/CD environment. Learn CI/CD security through multiple challenges.
Publications
⭐
1,270
Publications from Trail of Bits
Sast Scan
⭐
697
Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and their dependencies. CI and Git friendly.
Spoofy
⭐
394
Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records.
Badsecrets
⭐
353
A library for detecting known secrets across many web frameworks
Njsscan
⭐
318
njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.
Watchdog
⭐
309
Watchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.
Agartha
⭐
292
A Burp extension that creates dynamic payloads to reveal injection flaws (LFI, RCE, SQLi), generates user access tables to spot authentication/authorization issues, and copies HTTP requests as JavaScript code.
Threatplaybook
⭐
266
A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestration
Threat Model Cookbook
⭐
229
This project is about creating and publishing threat model examples.
Spamscope
⭐
224
Fast Advanced Spam Analysis Tool
Crimson
⭐
194
Web Application Security Testing Tools
Pycript
⭐
153
Burp Suite extension for bypassing client-side encryption using custom logic for pentesting and bug bounty
Mi X
⭐
138
Determine whether your compute is truly vulnerable to a specific vulnerability by accounting for all factors which affect *actual* exploitability (runtime execution, configuration, permissions, existence of a mitigation, OS, etc.)
Vulnerable Soap Service
⭐
138
Erlik - Vulnerable Soap Service
Vulnerable Flask App
⭐
121
Erlik 2 - Vulnerable-Flask-App
Bag Of Holding
⭐
107
An application to assist in the organization and prioritization of software security activities.
Blisqy
⭐
107
Version 0.2 - Exploit Time-based blind-SQL injection in HTTP-Headers (MySQL/MariaDB).
Libsast
⭐
106
Generic SAST Library
Websocket Fuzzer
⭐
100
HTML5 WebSocket message fuzzer
Jwtweak
⭐
99
Detects the algorithm of input JWT Token and provide options to generate the new JWT token based on the user selected algorithm.
Swisskyrepo Payloadsallthethings
⭐
96
https://github.com/swisskyrepo/PayloadsAllTheThing
Jwt Fuzzer
⭐
90
JWT fuzzer
Dvfaas Damn Vulnerable Functions As A Service
⭐
78
Intentionally Vulnerable Serverless Functions to understand the specifics of Serverless Security Vulnerabilities
Jawfish
⭐
72
Tool for breaking into web applications.
Cryptonice
⭐
67
CryptoNice is both a command line tool and library which provides the ability to scan and report on the configuration of SSL/TLS for your internet or internal facing web services. Built using the sslyze API and ssl, http-client and dns libraries, cryptonice collects data on a given domain and performs a series of tests to check TLS configuration and supporting protocols such as HTTP2 and DNS.
Grepmarx
⭐
66
A source code static analysis platform for AppSec enthusiasts.
Mssqli Duet
⭐
57
SQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing
Vimana Framework
⭐
50
Vimana is an experimental security framework that aims to provide resources for auditing Python web applications.
Ziti Sdk Py
⭐
45
Ziti SDK for Python
Hiccup
⭐
40
[DEPRECATED] Hiccup is a framework that allows the Burp Suite (a web application security testing tool, http://portswigger.net/burp/) to be extended and customized, through the interface provided by Burp Extender (http://portswigger.net/burp/extender/). Its aim is to allow for the development and integration of custom testing functionality into the Burp tool using Python request/response handler plugins.
Multiscanner
⭐
40
Security Tool which scans a target using OpenVAS, Zap, and Nexpose. And consolidates the scan result.
Osspolice
⭐
34
Identifying Open-Source License Violation and 1-day Security Risk at Large Scale
Reapsaw
⭐
32
Reapsaw is a continuous security devsecops tool, which helps in enabling security into CI/CD Pipeline. It supports coverage for multiple programming languages.
Defectdojo_api
⭐
31
Python API library for DefectDojo
Sucoshscanny
⭐
29
"Sucosh" is an automated source code vulnerability scanner and assessment framework for Python (Flask-Django) & NodeJs, capable of performing code review in web application development or source code analysis processes.
Security Requirements Generator
⭐
23
A small tool to help developers understand a huge set of security requirements from appsec teams
Zap Mini Workshop
⭐
22
Interactive IPython Notebook to demonstrate OWASP ZAP's API and Scripting Functions - OWASP ZAP 2.8.0
Cybersecurity Application Security
⭐
21
An ongoing & curated collection of awesome software practices and remediation, libraries and frameworks, payloads and techniques, best guidelines and technical resources about Application Security
Pyaim
⭐
21
@CyberArk Application Access Manager Client Library for Python 3
Dotdotfarm
⭐
20
Fast Path Traversal exploitation tool
Practical Web Penetration Testing
⭐
20
Practical Web Penetration Testing, published by Packt
Submonit88r
⭐
20
Submonit88r is a subdomain enumeration tool that allows you to discover and monitor subdomains for a given list of domains. It fetches subdomains from various sources [crtsh, hackertargetapi, anubis, alienvault, rappiddns, urlscan], saves them to a SQLite database, and can notify updates via Discord.
Payloadsall
⭐
17
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Graphqler
⭐
17
GraphQL application security testing helper
Devicecheck
⭐
17
Reduce fraudulent use of your services by managing device state and asserting app integrity via Apple DeviceCheck API with this Python wrapper.
Ansible Tetration
⭐
11
Ansible interface to the Tetration Network Policy Publisher
Appsecpipeline
⭐
11
Whitepass
⭐
10
Whitepass Bypass Whitelist/Ratelimit Implementations in Web Applications/APIs
Gemini Self Protector
⭐
10
Gemini - Runtime Application Self Protection Solution
Webinspectautomation
⭐
10
Sample Python script for automating WebInspect scans and pushing results to SSC
Dongtai Webapi
⭐
9
DongTai-WebAPI is the server part of the management tool of DongTai-IAST
Safeurl Python
⭐
9
Python implementation of SafeURL (Anti-SSRF Lib)
Ssti Flask Hacking Playground
⭐
7
App with Server Side Template Injection (SSTI) vulnerability - in Flask. For web penetration testing / ethical hacking. Possible RCE :)
Mobile Pentest Toolkit
⭐
7
Wlgen
⭐
5
Wordlist generator
Mavendependencycheck
⭐
5
An automation script to run OWASP Dependency-Check on multiple Maven Based projects.
Pyappspider
⭐
5
A Python client library for interfacing with Rapid7 AppSpider Enterprise.
Dsp Appsec Infrastructure Apps
⭐
5
This repository hosts DSP AppSec internal infrastructure apps deployed in GKE.
Insecureprogramming
⭐
5
(In)secure Programming
Zapcreds
⭐
5
A demo showing how to harvest credentials from Zapier