44 results found Sort:

juice-shop
juice-shop juice-shop
12.5k
11.1k
mit
166
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
ctf owasp appsec hacking vulnapp security javascript pentesting vulnerable owasp-top-10 hacktoberfest owasp-top-ten 24pullrequests application-security
Created 2014-09-19
20,474 commits to master branch, last one 25 days ago
payloadbox
sql-injection-payload-list payloadbox
1.3k
5.4k
mit
94
🎯 SQL Injection Payload List
hacking payload attacker payloads bugbounty injection sql-inject websecurity owasp-top-10 sql-injection sql-injections injection-attacks security-research injection-payloads sql-injection-proof sql-injection-attack sql-injection-attacks sql-injection-filterer sql-injection-payloads sql-injection-exploitation
Created 2019-10-30
16 commits to master branch, last one 3 years ago
xalgord
Massive-Web-Application-Penetration-Testing-Bug-Bounty-Notes xalgord
246
1.5k
unknown
30
A comprehensive guide for web application penetration testing and bug bounty hunting, covering methodologies, tools, and resources for identifying and exploiting vulnerabilities.
owasp hacking xalgord bugbounty resources bug-bounty collection owasp-top-10 bugbountytips ethical-hacking
Created 2021-02-26
37 commits to main branch, last one 6 months ago
webpwnized
mutillidae webpwnized
447
1.3k
gpl-3.0
49
OWASP Mutillidae II is a free, open-source, deliberately vulnerable web application providing a target for web-security training. This is an easy-to-use web hacking environment designed for labs, secu...
10 top web owasp appsec security training application owasp-top-10 cybersecurity penetration-testing
Created 2018-09-28
807 commits to main branch, last one about a month ago
akto-api-security
akto akto-api-security
237
1.3k
mit
17
Proactive, Open source API security → API discovery, API Security Posture, Testing in CI/CD, Test Library with 1000+ Tests, Add custom tests, Sensitive data exposure
idor security devsecops api-testing api-security owasp-top-10 api-discovery authorization hacktoberfest authentication security-testing threat-detection hacktoberfest2023 devsecops-pipeline api-security-posture api-security-testing sensitive-data-exposure
Created 2023-01-31
6,496 commits to master branch, last one 13 hours ago
roottusk
vapi roottusk
316
1.2k
gpl-3.0
20
vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.
api php cors owasp appsec docker postman apitop10 bugbounty exercises owasp-top-10 hacktoberfest owasp-top-ten appsec-tutorials hacktoberfest-accepted vulnerable-application
Created 2020-09-06
136 commits to master branch, last one 3 months ago
Zeyad-Azima
Offensive-Resources Zeyad-Azima
213
956
unknown
34
A Huge Learning Resources with Labs For Offensive Security Players
api web hack owasp mobile hacking redteam learning red-team security offensive red-teaming api-security owasp-top-10 web-security cybersecurity cloud-security infrastructure mobile-security offensive-security
Created 2021-02-14
104 commits to main branch, last one 2 years ago
globocom
secDevLabs globocom
458
926
bsd-3-clause
31
A laboratory for learning secure web and mobile development in a practical manner.
labs security training development owasp-top-10 hacktoberfest vulnerability hacktoberfest2022
Created 2018-12-01
710 commits to master branch, last one 6 months ago
appsecco
dvna appsecco
747
724
mit
24
Damn Vulnerable NodeJS Application
dvna hack owasp nodejs testing security vulnerable owasp-top-10 vulnerable-apps
Created 2017-11-13
42 commits to master branch, last one about a year ago
bmarsh9
gapps bmarsh9
119
526
other
26
Security compliance platform - SOC2, CMMC, ASVS, ISO27001, HIPAA, NIST CSF, NIST 800-53, CSC CIS 18, PCI DSS, SSF tracking. https://gapps.darkbanner.com
csc grc pci asvs cmmc nist soc2 27002 cis18 hipaa owasp pci-dss iso27001 nist-csf security compliance nist800-53 owasp-top-10
Created 2022-11-22
174 commits to main branch, last one 3 months ago
OWASP
iGoat-Swift OWASP
187
426
gpl-3.0
17
OWASP iGoat (Swift) - A Damn Vulnerable Swift Application for iOS
ipa ios-swift owasp-igoat ios-security owasp-top-10 runtime-security insecure-data-storage
Created 2018-04-03
129 commits to master branch, last one 2 years ago
ghostery
local-sheriff ghostery
24
307
gpl-3.0
10
Think of Local sheriff as a recon tool in your browser (WebExtension). While you normally browse the internet, Local Sheriff works in the background to empower you in identifying what data points (PII...
data-leakage owasp-top-10 privacy-tools web-extension gdpr-checklist sensitive-data-exposure
Created 2018-04-25
87 commits to master branch, last one 4 years ago
ossamayasserr
WebAppPentestRoadmap ossamayasserr
62
279
gpl-3.0
5
Roadmap for Web Application Penetration Testing | FREE Resources (Not Pirated)
pentest roadmap security burpsuite tryhackme portswigger owasp-top-10 web-security penetration-testing information-security
Created 2023-08-25
8 commits to main branch, last one about a year ago
globaldatanet
aws-firewall-factory globaldatanet
24
245
apache-2.0
7
Enhance the security of your web applications effortlessly with AWS Firewall Factory. Safeguard your valuable assets through seamless WAF deployment, updates, and staging, all centrally managed with A...
aws cdk waf owasp wafv2 firewall security devsecops governance typescript owasp-top-10 hacktoberfest amazon-web-services
Created 2021-11-05
637 commits to master branch, last one 2 months ago
ivan-sincek
forbidden ivan-sincek
42
241
mit
5
Bypass 4xx HTTP response status codes and more. The tool is based on Python Requests, PycURL, and HTTP Client.
401 403 web curl bypass pycurl python fuzzing security bug-bounty brute-force owasp-top-10 open-redirect ethical-hacking python-requests offensive-security penetration-testing red-team-engagement broken-access-controls web-penetration-testing
Created 2021-10-04
34 commits to main branch, last one 29 days ago
akto-api-security
30-API-security-tests akto-api-security
29
212
unknown
5
🚀 Join us for 30days of daily API security tests. #30days30tests We've spent last 120days building amazing API security tests for the community. Next 30 days we will post test tutorials here.
bola testing security owasp-top-10
Created 2023-02-07
15 commits to master branch, last one 2 years ago
OWASP
ASST OWASP
36
168
mit
7
OWASP ASST (Automated Software Security Toolkit) | A Novel Open Source Web Security Scanner.
asst owasp owasp-top-10 cybersecurity security-audit security-testing security-hardening security-assessments vulnerability-scanner vulnerability-scanners vulnerability-detection vulnerability-assessment web-vulnerability-scanner web-vulnerability-scanners security-assesment-security-tools
Created 2020-10-30
28 commits to main branch, last one 2 months ago
moeinfatehi
Backup-Finder moeinfatehi
29
162
gpl-3.0
1
A burp suite extension that reviews backup, old, temporary and unreferenced files on web server for sensitive information (OWASP WSTG-CONF-04, OTG-CONFIG-004)
burp owasp burpsuite pentesting appsecurity portswigger backupfinder data-leakage owasp-top-10 owasp-top-ten burp-extensions burpsuite-extender penetration-testing application-security sensitive-data-exposure
Created 2018-09-10
37 commits to master branch, last one about a year ago
yevh
VulnPlanet yevh
21
159
gpl-3.0
16
Vulnerable code snippets with fixes for Web2, Web3, API, iOS, Android and Infrastructure-as-Code (IaC)
api cve ios poc waf code web2 web3 owasp android security bugbounty pentesting appsecurity codesecurity owasp-top-10 vulnerability vulnerabilities appsec-tutorials application-security
Created 2023-01-02
115 commits to main branch, last one 7 months ago
cerberauth
vulnapi cerberauth
15
127
mit
3
API Security Vulnerability Scanner designed to help you secure your APIs.
jwt dast graphql openapi security api-testing api-security owasp-top-10 authorization cybersecurity authentication security-tools security-scanner api-security-testing vulnerability-scanners
Created 2023-08-22
463 commits to main branch, last one 9 days ago
moeinfatehi
Admin-Panel_Finder moeinfatehi
20
118
gpl-3.0
6
A burp suite extension that enumerates infrastructure and application admin interfaces (OTG-CONFIG-005)
owasp burpsuite find-admin admin-finder data-leakage owasp-top-10 okadminfinder owasp-top-ten burp-extensions adminpanelfinder admin-page-finder admin-login-finder admin-panel-finder burpsuite-extender admin-login-scanner penetration-testing application-security admin-dashboard-finder sensitive-data-leakage sensitive-data-exposure
Created 2018-09-18
9 commits to master branch, last one 2 years ago
dipakpanchal05
CVE-2022-23808 dipakpanchal05
23
116
unknown
3
phpMyAdmin XSS
poc xss owasp exploit hacking infosec redteam zeroday database bugbounty pentesting phpmyadmin redteaming exploitation owasp-top-10 vulnerability cross-site-scripting
Created 2022-02-01
11 commits to main branch, last one 5 months ago
hellosatish
microservice-patterns hellosatish
119
116
apache-2.0
6
Code to share the knowledge I gained while designing and implementing micro services
golang api-sec security swagger-ui spring-boot event-driven owasp-top-10 kafka-streams microservices service-discovery microservices-architecture
Created 2018-03-18
32 commits to master branch, last one 4 years ago
moeinfatehi
xss_vulnerability_challenges moeinfatehi
15
115
unknown
3
this repository is a docker containing some "XSS vulnerability" challenges and bypass examples.
xss owasp infosec pentesting xss-filter appsecurity xss-attacks owasp-top-10 owasp-top-ten xss-detection input-validation xss-exploitation xss-vulnerability penetration-testing application-security cross-site-scripting
Created 2018-06-30
11 commits to master branch, last one 2 years ago
appsecco
sqlinjection-training-app appsecco
57
113
mit
7
A simple PHP application to learn SQL Injection detection and exploitation techniques.
appsec exploit owasp-top-10 training-app web-security owasp-top-ten sql-injection vulnerable-apps vulnerable-web-app application-security
Created 2019-05-12
11 commits to master branch, last one 5 years ago
andifalk
reactive-spring-security-5-workshop andifalk
46
108
apache-2.0
9
Hands-On workshop for securing a reactive spring boot 2 application in multiple steps
oauth2 spring workshop spring-mvc spring-boot owasp-top-10 openid-connect spring-webflux spring-security reactive-streams
Created 2018-03-22
170 commits to master branch, last one about a year ago
errorfiathck
IDOR-Forge errorfiathck
18
96
mit
5
IDOR Forge is an advanced and versatile tool designed to detect Insecure Direct Object Reference (IDOR) vulnerabilities in web applications.
xml xss idor json tool base64 hunter python idor-attack owasp-top-10 cybersecurity sql-injection vulnerability idor-vulnerability
Created 2025-01-24
59 commits to main branch, last one 9 days ago
sh3bu
Portswigger_labs sh3bu
29
92
unknown
2
This repository contains my writeups for the labs in PortSwigger's Web Security Academy platform. Each lab writeup includes the lab's name, description, and my step-by-step solution, as well as any ad...
writeups websecurity owasp-top-10 portswigger-labs
Created 2023-03-14
478 commits to main branch, last one 2 months ago
abunuwas
fencer abunuwas
13
85
mit
6
Automated API security testing
api jwt oauth2 graphql openapi testing rest-api security api-security owasp-top-10 sql-injection api-security-testing
Created 2023-01-31
57 commits to main branch, last one 8 months ago
OWASP
www-project-machine-learning-security-top-10 OWASP
25
83
other
17
OWASP Machine Learning Security Top 10 Project
ai ml mlai mlops mlsec owasp top10 appsec mlsecops mlsecurity owasp-top-10
Created 2019-09-12
267 commits to master branch, last one 2 months ago