Topic: appsec Goto Github
Some thing interesting about appsec
Some thing interesting about appsec
appsec,njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.
User: ajinabraham
Home Page: https://opensecurity.in
appsec,SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). :rainbow:
User: albuch
appsec,w3af: web application attack and audit framework, the open source web vulnerability scanner.
User: andresriancho
Home Page: http://w3af.org/
appsec,Resources for Application Security including Web, API, Android, iOS and Thick Client
User: anof-cyber
appsec,A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.
User: ayoubfathi
appsec,Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
Organization: bearer
Home Page: https://docs.bearer.com
appsec,A library for detecting known secrets across many web frameworks
Organization: blacklanternsecurity
appsec,Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.
Organization: checkmarx
Home Page: https://kics.io
appsec,Datadog Go Library including APM tracing, profiling, and security monitoring.
Organization: datadog
Home Page: https://docs.datadoghq.com/tracing/
appsec,Datadog PHP Clients
Organization: datadog
Home Page: https://docs.datadoghq.com/tracing/setup/php
appsec, DevSecOps, ASPM, Vulnerability Management. All on one platform.
Organization: defectdojo
Home Page: https://defectdojo.com
appsec,Integrates Dependency-Check reports into SonarQube
Organization: dependency-check
appsec,Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
Organization: dependencytrack
Home Page: https://dependencytrack.org/
appsec,
Organization: httpvoid
Home Page: https://httpvoid.com
appsec,A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for learning Threat modeling and initial phases of security review.
Organization: hysnsec
Home Page: https://www.practical-devsecops.com/devsecops-university/
appsec,Open Source Vulnerability Management Platform
Organization: infobyte
Home Page: https://www.faradaysec.com
appsec,A list of web application security
User: infoslack
appsec,Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...
User: jassics
appsec,Version 0.2 - Exploit Time-based blind-SQL injection in HTTP-Headers (MySQL/MariaDB).
User: johntroony
appsec,OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Organization: juice-shop
Home Page: https://owasp-juice.shop
appsec,Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records.
User: mattkeeley
appsec,Web path scanner
User: maurosoria
appsec,8 Lessons, Kick-start Your Cybersecurity Learning.
Organization: microsoft
Home Page: https://microsoft.github.io/Security-101/
appsec,Some of my security stuff and vulnerabilities. Nothing advanced. More to come.
User: numirias
Home Page: https://twitter.com/rawsec
appsec,open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo include the main code and logic.
Organization: openappsec
Home Page: https://openappsec.io
appsec,The parent project for OpenZiti. Here you will find the executables for a fully zero trust, application embedded, programmable network @OpenZiti
Organization: openziti
Home Page: https://openziti.io
appsec,Oversecured Vulnerable Android App
Organization: oversecured
Home Page: https://oversecured.com
appsec,The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
Organization: owasp
Home Page: https://cheatsheetseries.owasp.org
appsec,The OWASP Vulnerable Web Applications Directory project (VWAD) is a comprehensive and well maintained registry of all known vulnerable web applications currently available.
Organization: owasp
Home Page: https://owasp.org/www-project-vulnerable-web-applications-directory/
appsec,A vulnerable version of Rails that follows the OWASP Top 10
Organization: owasp
Home Page: railsgoat.cktricky.com
appsec,This project is about creating and publishing threat model examples.
Organization: owasp
Home Page: https://owasp.org/www-project-threat-model-cookbook/
appsec,The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
Organization: owasp
Home Page: https://owasp.org/www-project-web-security-testing-guide/
appsec,OWASP Community Pages are a place where OWASP can accept community contributions for security-related content.
Organization: owasp
Home Page: https://owasp.org/www-community/
appsec,🎯 RFI/LFI Payload List
Organization: payloadbox
Home Page: https://ismailtasdelen.medium.com
appsec,Open Source Static Scanning tool to detect data flows in your code, find data security vulnerabilities & generate accurate Play Store Data Safety Report.
Organization: privado-inc
Home Page: https://docs.privado.ai
appsec,An OOB interaction gathering server and client library
Organization: projectdiscovery
Home Page: https://app.interactsh.com
appsec,vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.
User: roottusk
appsec,Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer
User: security-prince
appsec,Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependencies. CI and Git friendly.
Organization: shiftleftsecurity
Home Page: https://discord.gg/DCNxzaeUpd
appsec, An open source, git-ops, zero-trust secret encryption and decryption solution for Kubernetes applications
Organization: soluto
Home Page: https://kamus.soluto.io
appsec,TCP/UDP Non-HTTP Proxy Extension (NoPE) for Burp Suite.
User: summitt
appsec,Tests for race conditions in web applications. Includes a RESTful API to integrate into a continuous integration pipeline.
User: thehackerdev
appsec,Next generation web scanner
User: urbanadventurer
Home Page: https://www.morningstarsecurity.com/research/whatweb
appsec,a burp extension creates dynamic payloads to reveal injection flaws(LFI, RCE, SQLi), generates user access tables to spot authentication/authorization issues, and copys Http requests as JavaScript code.
User: volkandindar
appsec,OWASP Mutillidae II is a free, open-source, deliberately vulnerable web application providing a target for web-security training. This is an easy-to-use web hacking environment designed for labs, security enthusiasts, classrooms, CTF, and vulnerability assessment tool targets.
User: webpwnized
appsec,ZAP Add-ons
Organization: zaproxy
appsec,The ZAP core project
Organization: zaproxy
Home Page: https://www.zaproxy.org
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.