Topic: application-security Goto Github

👇 Here are 239 public repositories matching this topic...

0xn3va / cheat-sheets
application-security,A list of cheat sheets for application security
User: 0xn3va
Home Page: https://0xn3va.gitbook.io/cheat-sheets/
cheat-sheets mobile web application-security pentesting ios linux docker security android

abhi-r3v0 / evabs
application-security,An open source Android application that is intentionally vulnerable so as to act as a learning platform for Android application security beginners.
User: abhi-r3v0
Home Page: https://www.hawkspawn.com/EVABS
android-app android-security application-security mobile-app mobile-security mobile-pentest android-pentest ctf-challenges mobile-ctf android-application-vulnerabilities

anof-cyber / application-security
application-security,Resources for Application Security including Web, API, Android, iOS and Thick Client
User: anof-cyber
android application-security appsec bugbounty cybersecurity hacking infosec penetration-testing penetration-testing-notes pentesting

appsecco / breaking-and-pwning-apps-and-servers-aws-azure-training
application-security,Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!
Organization: appsecco
aws-security pentesting penetration-testing azure-security application-security opensource free

autodesk / continuous-threat-modeling
application-security,A Continuous Threat Modeling methodology
Organization: autodesk
application-security threat-modeling secure-development

bloodzer0 / ossa
application-security,Open-Source Security Architecture | 开源安全架构
User: bloodzer0
Home Page: https://bloodzer0.github.io/ossa/
security security-vulnerability security-tools security-audit security-scanner ids ips business-security application-security code-audit

brcyrr / practicalcybersecurityresources
application-security,This repository contains a curated list of resources I suggest on LinkedIn and Twitter.📝🌝
User: brcyrr
cybersecurity devsecops infosec pentesting certification application-security codereview

complianceascode / content
application-security,Security automation content in SCAP, Bash, Ansible, and other formats
Organization: complianceascode
Home Page: https://complianceascode.readthedocs.io/en/latest/
security compliance scap xccdf oval cpe cce usgcb pci-dss ospp

cy-clon3 / awesome-ios-security
application-security,A curated list of awesome iOS application security resources.
User: cy-clon3
awesome awesome-list ios pentesting security application-security cybersecurity

dn0m1n8tor / learn365
application-security,This repository is about @AnubhavSingh_'s 365 days of Learning Tweets collection.
User: dn0m1n8tor
learning community infosec application-security pentesting vulnerabilities bugbounty pentesting-tools bugbountytips

enkomio / taipan
application-security,Web application vulnerability scanner
User: enkomio
Home Page: https://taipansec.com
security-tools security-scanner security-automation web-security application-security security security-audit security-testing hacking-tool taipan

factionsecurity / faction
application-security,Pen Test Report Generation and Assessment Collaboration
Organization: factionsecurity
Home Page: https://www.factionsecurity.com/
application-security hacking penetration-testing penetration-testing-tools pentesting reporting security security-audit security-automation security-tools

flipkart-incubator / watchdog
application-security,Watchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.
Organization: flipkart-incubator
security-tools security security-vulnerability security-testing vulnerability-management vulnerability-assessment pentest-tool penetration-testing-framework cve-databases cve-search

guardrailsio / awesome-php-security
application-security,Awesome PHP Security Resources 🕶🐘🔐
Organization: guardrailsio
php security security-tools application-security devsecops awesome-list awesome

harsh-bothra / learn365
application-security,This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.
User: harsh-bothra
bugbounty community infosec vulnerabilities bugbountytips pentesting pentesting-tools learning application-security

iamthefrogy / nerdbug
application-security,Full Nuclei automation script with logic explanation.
User: iamthefrogy
automation security-tools nuclei-templates nuclei bugbounty bugbountytips bugbounty-bot application-security appsec

janusec / janusec
application-security,JANUSEC Application Gateway provides secure access, including reverse proxy, K8S Ingress Controller, Automatic ACME Certificate, WAF, 5-Second Shield, CC Defense, OAuth2 Authentication, Global Server Load Balance, and Cookie Compliance etc. JANUSEC应用网关，提供安全的接入，包括反向代理、K8S Ingress Controller、自动化ACME证书、WAF、5秒盾、CC防御、OAuth2身份认证、GSLB负载均衡与Cookie合规等。
Organization: janusec
Home Page: https://janusec.github.io/
waf web-application-firewall application-gateway load-balance gateway application-security golang security web-application-security sql-injection

jassics / cybersecurity-roadmap
application-security,Skills and career roadmap for various security roles like application security, cloud security, DevSecOps, security engineer, security researchers, pentesting, api security, network security, mobile security and so on with helpful resources, guidelines
User: jassics
Home Page: https://cybercloud.guru/
security-tools security-automation aws-security cloud-security network-security devsecops interview-questions application-security cybersecurity-career-path cybersecurity-awareness

jassics / security-interview-questions
application-security,Security interview questions with possible explanation for roles in AppSec, Pentesting, Cloud Security, DevSecOps, Network Security and so on
User: jassics
Home Page: https://cybercloud.guru/
application-security cybersecurity devsecops interview-questions security-questions web-security-interview cloud-security devsecops-interview-quesitons security-interview-questions interview-preparation

jassics / security-study-plan
application-security,Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...
User: jassics
aws-security study-guide study-plan appsec appsec-tutorials azure-security devsecops-university gcp-security pentesting application-security

juice-shop / juice-shop
application-security,OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Organization: juice-shop
Home Page: https://owasp-juice.shop
owasp javascript vulnerable hacking application-security owasp-top-10 owasp-top-ten pentesting vulnapp appsec

juice-shop / juice-shop-ctf
application-security,Tool to export Juice Shop challenges and hints in data format compatible with CTFd, RootTheBox or FBCTF
Organization: juice-shop
Home Page: http://owasp-juice.shop
owasp ctf ctfd application-security capture-the-flag pentesting hacking owasp-juice-shop ctfd-database ctfd-setup

karmaz95 / crimson
application-security,Web Application Security Testing Tools
User: karmaz95
Home Page: https://karol-mazurek.medium.com/
penetration-testing pentesting-tools application-security vulnerability-scanners

lukefalsina / grab-n-run
application-security,Grab’n Run, a simple and effective Java Library for Android projects to secure dynamic code loading.
User: lukefalsina
android-application java android-development signature-verification application-security dynamic

mattkeeley / spoofy
application-security,Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records.
User: mattkeeley
application-security appsec cybersecurity deliverability dmarc email-security emails infosec penetration-testing penetration-testing-tools

metlo-labs / metlo
application-security,Metlo is an open-source API security platform.
Organization: metlo-labs
Home Page: https://metlo.com
security api-gateway api-security application-security cybersecurity monitoring vulnerabilities vulnerability-detection metlo infosec

olacabs / jackhammer
application-security,Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.
Organization: olacabs
Home Page: https://jch.olacabs.com/userguide
security-vulnerability-assessment vulnerability-management static-code-analysis mobile-security webappsec wordpress-security network-security security-scanner security dynamic-analysis

openappsec / openappsec
application-security,open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo include the main code and logic.
Organization: openappsec
Home Page: https://openappsec.io
api-security application-security kubernetes nginx web-application-firewall appsec devsecops kong rate-limiting security-tools

owasp / cheatsheetseries
application-security,The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
Organization: owasp
Home Page: https://cheatsheetseries.owasp.org
owasp code security cheatsheets best-practices appsec application-security

owasp / wstg
application-security,The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
Organization: owasp
Home Page: https://owasp.org/www-project-web-security-testing-guide/
best-practices guide owasp bugbounty penetration-testing pentesting application-security security hacktoberfest appsec

paragonie / airship
application-security,Secure Content Management for the Modern Web - "The sky is only the beginning"
Organization: paragonie
Home Page: https://cspr.ng
cms-airship libsodium php content-management secure security postgresql application-security cms free-software

paragonie / awesome-appsec
application-security,A curated list of resources for learning about application security
Organization: paragonie
Home Page: https://paragonie.com/projects
security-experts reading-list curated application-security security owasp

payloadbox / command-injection-payload-list
application-security,🎯 Command Injection Payload List
Organization: payloadbox
Home Page: https://ismailtasdelen.medium.com
command-injection injection security-vulnerability vulnerability payload-list payload os-injection command os unix

payloadbox / rfi-lfi-payload-list
application-security,🎯 RFI/LFI Payload List
Organization: payloadbox
Home Page: https://ismailtasdelen.medium.com
rfi lfi rfi-exploiton lfi-exploitation lfi-vulnerability rfi-vulnerabillity websecurity appsec application-security web-application-security

quitten / autorize
application-security,Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests
User: quitten
authorization authorization-enforcement burpsuite burp-plugin jython application-security

rewanthtammana / damn-vulnerable-bank
application-security,Damn Vulnerable Bank is designed to be an intentionally vulnerable android application. This provides an interface to assess your android application security hacking skills.
User: rewanthtammana
Home Page: https://rewanthtammana.com/damn-vulnerable-bank/
security android vulnerable-android-apps infosec hacking pentesting android-security application-security vulnerable-application damn-vulnerable-bank

s4n7h0 / xvwa
application-security,XVWA is a badly coded web application written in PHP/MySQL that helps security enthusiasts to learn application security.
User: s4n7h0
xvwa php application-security learning-appsec vulnerability knowledge mysql

safe3 / uuwaf
application-security,A industry-leading free, high-performance, AI and semantic technology web application and API security protection product - uuWAF. 一款工业级免费、高性能、高扩展，支持AI和语义引擎的Web应用和API安全防护产品-南墙。Web应用防火墙、WAF、WAAP
User: safe3
Home Page: https://waf.uusec.com
waf application-security web-application-firewall modsecurity web-security-gateway api-gateway api-security waap security uuwaf

security-prince / application-security-engineer-interview-questions
application-security,Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer
User: security-prince
security-engineer-interview webappsec appsec devsecops infosec application-security vulnerability sdlc xss interview-questions

sh4hin / androl4b
application-security,A Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis
User: sh4hin
android application-security malware-analyzer mobile-security penetration-testing reverse-engineering

smilezxlee / zxhookdetection
application-security,【iOS应用安全、安全攻防】hook及越狱的基本防护与检测(动态库注入检测、hook检测与防护、越狱检测、签名校验、IDA反编译分析加密协议Demo)；【数据传输安全】浅谈http、https与数据加密
User: smilezxlee
application-security detection hook ios-security defend

spamscope / spamscope
application-security,Fast Advanced Spam Analysis Tool
Organization: spamscope
Home Page: https://pypi.python.org/pypi/SpamScope
security mail-analyzer spam-analyzer streamparse apache-storm application-security python outlook docker-image docker

talsec / free-rasp-community
application-security,SDK providing app protection and threat monitoring for mobile devices, available for Flutter, Cordova, Android and iOS.
Organization: talsec
Home Page: https://talsec.app/freerasp-in-app-protection-security-talsec
rasp tampering-detection fraud-detection repackaging-detection cloning reverse-engineering hooking security-tools application-security appsec

taptuit / awesome-devsecops
application-security,Curating the best DevSecOps resources and tooling.
Organization: taptuit
application-security awesome awesome-list devops devsecops hacktoberfest secure-software-development

tprynn / web-methodology
application-security,Methodology for high-quality web application security testing - https://github.com/tprynn/web-methodology/wiki
User: tprynn
web security web-application web-application-security application-security appsec security-testing documentation

urbanadventurer / whatweb
application-security,Next generation web scanner
User: urbanadventurer
Home Page: https://www.morningstarsecurity.com/research/whatweb
security web scanner ruby penetration-testing kali-linux owasp penetration-testing-tools penetration-test hacking

user1342 / awesome-android-reverse-engineering
application-security,A curated list of awesome Android Reverse Engineering training, resources, and tools.
User: user1342
android application-security awesome awesome-list crackmes ctfs malware-analysis reverse-engineering tools training

volkandindar / agartha
application-security,a burp extension creates dynamic payloads to reveal injection flaws(LFI, RCE, SQLi), generates user access tables to spot authentication/authorization issues, and copys Http requests as JavaScript code.
User: volkandindar
penetration-testing pentesting cybersecurity burp-extensions hacking hacking-tool application-security appsec offsec burpsuite

wallarm / awesome-nginx-security
application-security,🔥 A curated list of awesome links related to application security related to the environments with NGINX or Kubernetes Ingres Controller (based on NGINX)
Organization: wallarm
nginx modsecurity waf naxsi awesome-list awesome-lists security webserver load-balancer nginx-security

we45 / threatplaybook
application-security,A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestration
Organization: we45
Home Page: https://threatplaybook.io
devsecops threat-model application-security sast dast python