Trending repositories for topic application-security

serve as a reverse proxy to protect your web services from attacks and exploits.

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

Security automation content in SCAP, Bash, Ansible, and other formats

open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo include the main code and logic.

Penetration Testing For - Web | Mobile | API | Thick Client | Source Code Review | DevSecOps | Wireless | Network Pentesting, etc...

A industry-leading free, high-performance, AI and semantic technology web application and API security protection product - uuWAF. 一款工业级免费、高性能、高扩展，支持AI和语义引擎的Web应用和API安全防护产品-南墙。Web应用防火墙、WAF、WAAP

Metlo is an open-source API security platform.

Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...

Next generation web scanner

A curated list of resources for learning about application security

Curating the best DevSecOps resources and tooling.

Penetration Testing For - Web | Mobile | API | Thick Client | Source Code Review | DevSecOps | Wireless | Network Pentesting, etc...

open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo include the main code and logic.

serve as a reverse proxy to protect your web services from attacks and exploits.

A industry-leading free, high-performance, AI and semantic technology web application and API security protection product - uuWAF. 一款工业级免费、高性能、高扩展，支持AI和语义引擎的Web应用和API安全防护产品-南墙。Web应用防火墙、WAF、WAAP

Security automation content in SCAP, Bash, Ansible, and other formats

Metlo is an open-source API security platform.

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...

Next generation web scanner

A curated list of resources for learning about application security

Curating the best DevSecOps resources and tooling.

serve as a reverse proxy to protect your web services from attacks and exploits.

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

Security automation content in SCAP, Bash, Ansible, and other formats

open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo include the main code and logic.

Penetration Testing For - Web | Mobile | API | Thick Client | Source Code Review | DevSecOps | Wireless | Network Pentesting, etc...

A industry-leading free, high-performance, AI and semantic technology web application and API security protection product - uuWAF. 一款工业级免费、高性能、高扩展，支持AI和语义引擎的Web应用和API安全防护产品-南墙。Web应用防火墙、WAF、WAAP

Metlo is an open-source API security platform.

Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...

Next generation web scanner

A curated list of resources for learning about application security

Curating the best DevSecOps resources and tooling.

Penetration Testing For - Web | Mobile | API | Thick Client | Source Code Review | DevSecOps | Wireless | Network Pentesting, etc...

open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo include the main code and logic.

serve as a reverse proxy to protect your web services from attacks and exploits.

A industry-leading free, high-performance, AI and semantic technology web application and API security protection product - uuWAF. 一款工业级免费、高性能、高扩展，支持AI和语义引擎的Web应用和API安全防护产品-南墙。Web应用防火墙、WAF、WAAP

Security automation content in SCAP, Bash, Ansible, and other formats

Metlo is an open-source API security platform.

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...

Next generation web scanner

A curated list of resources for learning about application security

Curating the best DevSecOps resources and tooling.

serve as a reverse proxy to protect your web services from attacks and exploits.

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

A industry-leading free, high-performance, AI and semantic technology web application and API security protection product - uuWAF. 一款工业级免费、高性能、高扩展，支持AI和语义引擎的Web应用和API安全防护产品-南墙。Web应用防火墙、WAF、WAAP

Next generation web scanner

🎯 Command Injection Payload List

A curated list of awesome Android Reverse Engineering training, resources, and tools.

open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo include the main code and logic.

Mantis is a security framework that automates the workflow of discovery, reconnaissance, and vulnerability scanning.

Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...

Security automation content in SCAP, Bash, Ansible, and other formats

Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic...

Penetration Testing For - Web | Mobile | API | Thick Client | Source Code Review | DevSecOps | Wireless | Network Pentesting, etc...

A curated list of resources for learning about application security

Curating the best DevSecOps resources and tooling.

Pen Test Report Generation and Assessment Collaboration

A curated list of awesome iOS application security resources.

Damn Vulnerable Bank is designed to be an intentionally vulnerable android application. This provides an interface to assess your android application security hacking skills.

Схема карьерных треков в кибербезопасности

Схема карьерных треков в кибербезопасности

A industry-leading free, high-performance, AI and semantic technology web application and API security protection product - uuWAF. 一款工业级免费、高性能、高扩展，支持AI和语义引擎的Web应用和API安全防护产品-南墙。Web应用防火墙、WAF、WAAP

This repository contains cheatsheets and payloads compiled from completing the labs at PortSwigger Academy.

Penetration Testing For - Web | Mobile | API | Thick Client | Source Code Review | DevSecOps | Wireless | Network Pentesting, etc...

An ongoing & curated collection of awesome software practices and remediation, libraries and frameworks,payloads and techniques, best guidelines and technical resources about Application Security

Source code samples for "Defence in Depth" articles and presentations.

Code Pathfinder, the open-source alternative to GitHub CodeQL. Built for advanced structural search, derive insights, find vulnerabilities in code.

A curated list of awesome Android Reverse Engineering training, resources, and tools.

open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo include the main code and logic.

Mantis is a security framework that automates the workflow of discovery, reconnaissance, and vulnerability scanning.

serve as a reverse proxy to protect your web services from attacks and exploits.

AI-driven Threat modeling-as-a-Code (TaaC-AI)

Pen Test Report Generation and Assessment Collaboration

Skills and career roadmap for various security roles like application security, cloud security, DevSecOps, security engineer, security researchers, pentesting, api security, network security, mobile s...

Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic...

A curated list of awesome iOS application security resources.

This repository is a dockerized PHP application containing some file upload vulnerability challenges (scenarios).

A simple PHP application to learn SQL Injection detection and exploitation techniques.

x86-64 code/pe virtualizer

Damn Vulnerable Bank is designed to be an intentionally vulnerable android application. This provides an interface to assess your android application security hacking skills.

AI-driven Threat modeling-as-a-Code (TaaC-AI)

Protect your web-application with Dynamic Style Loading and Real-Time Obfuscation. Easy to use!

Code Pathfinder, the open-source alternative to GitHub CodeQL. Built for advanced structural search, derive insights, find vulnerabilities in code.

Схема карьерных треков в кибербезопасности

A BurpSuite extension for vulnerability Scanning

serve as a reverse proxy to protect your web services from attacks and exploits.

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

Mantis is a security framework that automates the workflow of discovery, reconnaissance, and vulnerability scanning.

Next generation web scanner

🎯 Command Injection Payload List

Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...

A curated list of awesome Android Reverse Engineering training, resources, and tools.

open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo include the main code and logic.

A curated list of resources for learning about application security

Pen Test Report Generation and Assessment Collaboration

A industry-leading free, high-performance, AI and semantic technology web application and API security protection product - uuWAF. 一款工业级免费、高性能、高扩展，支持AI和语义引擎的Web应用和API安全防护产品-南墙。Web应用防火墙、WAF、WAAP

Curating the best DevSecOps resources and tooling.

Penetration Testing For - Web | Mobile | API | Thick Client | Source Code Review | DevSecOps | Wireless | Network Pentesting, etc...

A list of cheat sheets for application security

Security automation content in SCAP, Bash, Ansible, and other formats

Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic...

Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records.

This repository contains a list of roadmaps I created with my suggestions on LinkedIn and Twitter.🤞🏻😌

This repository contains a list of roadmaps I created with my suggestions on LinkedIn and Twitter.🤞🏻😌

AI-driven Threat modeling-as-a-Code (TaaC-AI)

x86-64 code/pe virtualizer

A list of cheat sheets for application security

A curated list of security card games.

A curated list of awesome Android Reverse Engineering training, resources, and tools.

This repository contains cheatsheets and payloads compiled from completing the labs at PortSwigger Academy.

serve as a reverse proxy to protect your web services from attacks and exploits.

open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo include the main code and logic.

A industry-leading free, high-performance, AI and semantic technology web application and API security protection product - uuWAF. 一款工业级免费、高性能、高扩展，支持AI和语义引擎的Web应用和API安全防护产品-南墙。Web应用防火墙、WAF、WAAP

Skills and career roadmap for various security roles like application security, cloud security, DevSecOps, security engineer, security researchers, pentesting, api security, network security, mobile s...

SDK providing app protection and threat monitoring for mobile devices, available for Flutter, Cordova, Android and iOS.

Here you will find various Azure Demos & Tutorials that I've put together for Azure Cloud using DevOps, Container Services and other PaaS offerings.

This repository is a dockerized PHP application containing some file upload vulnerability challenges (scenarios).

Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records.

An ongoing & curated collection of awesome software practices and remediation, libraries and frameworks,payloads and techniques, best guidelines and technical resources about Application Security

Security interview questions with possible explanation for roles in AppSec, Pentesting, Cloud Security, DevSecOps, Network Security and so on

How to implement Step-up Authentication using Amazon Cognito

A curated list of awesome iOS application security resources.

Curating the best DevSecOps resources and tooling.