Trending repositories for topic application-security
SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Security automation content in SCAP, Bash, Ansible, and other formats
A curated list of awesome Android Reverse Engineering training, resources, and tools.
Penetration Testing For - Web | Mobile | API | Thick Client | Source Code Review | DevSecOps | Wireless | Network Pentesting, etc...
A curated list of awesome iOS application security resources.
A curated list of resources for learning about application security
Penetration Testing For - Web | Mobile | API | Thick Client | Source Code Review | DevSecOps | Wireless | Network Pentesting, etc...
A curated list of awesome iOS application security resources.
A curated list of awesome Android Reverse Engineering training, resources, and tools.
SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.
Security automation content in SCAP, Bash, Ansible, and other formats
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
A curated list of resources for learning about application security
SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
Security automation content in SCAP, Bash, Ansible, and other formats
A curated list of resources for learning about application security
A curated list of awesome Android Reverse Engineering training, resources, and tools.
open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo include the main code and logic.
Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...
This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.
Mantis is a security framework that automates the workflow of discovery, reconnaissance, and vulnerability scanning.
Skills and career roadmap for various security roles like application security, cloud security, DevSecOps, security engineer, security researchers, pentesting, api security, network security, mobile s...
Penetration Testing For - Web | Mobile | API | Thick Client | Source Code Review | DevSecOps | Wireless | Network Pentesting, etc...
A curated list of awesome iOS application security resources.
An industry-leading free, high-performance, AI and semantic technology web application firewall and API security protection product - UUSEC WAF. 一款工业级免费、高性能、高扩展,支持AI和语义引擎的Web应用和API安全防护产品-南墙。Web应用防火墙、W...
Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. Sugar-Free and Secure: no any external dependencies except for ...
SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.
A curated list of awesome Android Reverse Engineering training, resources, and tools.
Skills and career roadmap for various security roles like application security, cloud security, DevSecOps, security engineer, security researchers, pentesting, api security, network security, mobile s...
Penetration Testing For - Web | Mobile | API | Thick Client | Source Code Review | DevSecOps | Wireless | Network Pentesting, etc...
open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo include the main code and logic.
Security automation content in SCAP, Bash, Ansible, and other formats
A curated list of awesome iOS application security resources.
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestration
Mantis is a security framework that automates the workflow of discovery, reconnaissance, and vulnerability scanning.
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.
An industry-leading free, high-performance, AI and semantic technology web application firewall and API security protection product - UUSEC WAF. 一款工业级免费、高性能、高扩展,支持AI和语义引擎的Web应用和API安全防护产品-南墙。Web应用防火墙、W...
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
Curating the best DevSecOps resources and tooling.
SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo include the main code and logic.
A curated list of awesome Android Reverse Engineering training, resources, and tools.
An industry-leading free, high-performance, AI and semantic technology web application firewall and API security protection product - UUSEC WAF. 一款工业级免费、高性能、高扩展,支持AI和语义引擎的Web应用和API安全防护产品-南墙。Web应用防火墙、W...
Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...
A curated list of resources for learning about application security
Curating the best DevSecOps resources and tooling.
Security automation content in SCAP, Bash, Ansible, and other formats
This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.
Skills and career roadmap for various security roles like application security, cloud security, DevSecOps, security engineer, security researchers, pentesting, api security, network security, mobile s...
Penetration Testing For - Web | Mobile | API | Thick Client | Source Code Review | DevSecOps | Wireless | Network Pentesting, etc...
Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic...
Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records.
SDK providing app protection and threat monitoring for mobile devices. Works with Flutter, React Native, Android and iOS. Shield your app with free RASP. Detect reverse engineering, root (Magisk), jai...
SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.
A curated list of awesome Android Reverse Engineering training, resources, and tools.
An industry-leading free, high-performance, AI and semantic technology web application firewall and API security protection product - UUSEC WAF. 一款工业级免费、高性能、高扩展,支持AI和语义引擎的Web应用和API安全防护产品-南墙。Web应用防火墙、W...
open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo include the main code and logic.
collectvars collects JavaScript variables, highlights risky ones, and helps you understand code structure, while you casually browse.
Skills and career roadmap for various security roles like application security, cloud security, DevSecOps, security engineer, security researchers, pentesting, api security, network security, mobile s...
Penetration Testing For - Web | Mobile | API | Thick Client | Source Code Review | DevSecOps | Wireless | Network Pentesting, etc...
Some good resources for getting started with application security
Code Pathfinder, the open-source alternative to GitHub CodeQL built with GoLang. Built for advanced structural search, derive insights, find vulnerabilities in code.
Protect your web-application with Dynamic Style Loading and Real-Time Obfuscation. Easy to use!
SDK providing app protection and threat monitoring for mobile devices. Works with Flutter, React Native, Android and iOS. Shield your app with free RASP. Detect reverse engineering, root (Magisk), jai...
Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. Sugar-Free and Secure: no any external dependencies except for ...
Security interview questions with possible explanation for roles in AppSec, Pentesting, Cloud Security, DevSecOps, Network Security and so on
This repository contains cheatsheets and payloads compiled from completing the labs at PortSwigger Academy.
Protect your web-application with Dynamic Style Loading and Real-Time Obfuscation. Easy to use!
collectvars collects JavaScript variables, highlights risky ones, and helps you understand code structure, while you casually browse.
SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
Mantis is a security framework that automates the workflow of discovery, reconnaissance, and vulnerability scanning.
Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...
A curated list of awesome Android Reverse Engineering training, resources, and tools.
A curated list of resources for learning about application security
open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo include the main code and logic.
An industry-leading free, high-performance, AI and semantic technology web application firewall and API security protection product - UUSEC WAF. 一款工业级免费、高性能、高扩展,支持AI和语义引擎的Web应用和API安全防护产品-南墙。Web应用防火墙、W...
Penetration Testing For - Web | Mobile | API | Thick Client | Source Code Review | DevSecOps | Wireless | Network Pentesting, etc...
Curating the best DevSecOps resources and tooling.
Security automation content in SCAP, Bash, Ansible, and other formats
Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records.
SDK providing app protection and threat monitoring for mobile devices. Works with Flutter, React Native, Android and iOS. Shield your app with free RASP. Detect reverse engineering, root (Magisk), jai...
Skills and career roadmap for various security roles like application security, cloud security, DevSecOps, security engineer, security researchers, pentesting, api security, network security, mobile s...
This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.
Penetration Testing For - Web | Mobile | API | Thick Client | Source Code Review | DevSecOps | Wireless | Network Pentesting, etc...
collectvars collects JavaScript variables, highlights risky ones, and helps you understand code structure, while you casually browse.
Mantis is a security framework that automates the workflow of discovery, reconnaissance, and vulnerability scanning.
A curated list of awesome Android Reverse Engineering training, resources, and tools.
This repository contains cheatsheets and payloads compiled from completing the labs at PortSwigger Academy.
An industry-leading free, high-performance, AI and semantic technology web application firewall and API security protection product - UUSEC WAF. 一款工业级免费、高性能、高扩展,支持AI和语义引擎的Web应用和API安全防护产品-南墙。Web应用防火墙、W...
SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.
open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo include the main code and logic.
Skills and career roadmap for various security roles like application security, cloud security, DevSecOps, security engineer, security researchers, pentesting, api security, network security, mobile s...
SDK providing app protection and threat monitoring for mobile devices. Works with Flutter, React Native, Android and iOS. Shield your app with free RASP. Detect reverse engineering, root (Magisk), jai...
This repository is a dockerized PHP application containing some file upload vulnerability challenges (scenarios).
This repository contains a list of roadmaps I created with my suggestions on LinkedIn and Twitter.🤞🏻😌
An ongoing & curated collection of awesome software practices and remediation, libraries and frameworks,payloads and techniques, best guidelines and technical resources about Application Security
Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records.
Security interview questions with possible explanation for roles in AppSec, Pentesting, Cloud Security, DevSecOps, Network Security and so on