Trending repositories for topic appsec
SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Penetration Testing For - Web | Mobile | API | Thick Client | Source Code Review | DevSecOps | Wireless | Network Pentesting, etc...
open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo include the main code and logic.
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.
Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...
Datadog Go Library including APM tracing, profiling, and security monitoring.
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
The parent project for OpenZiti. Here you will find the executables for a fully zero trust, application embedded, programmable network @OpenZiti
Penetration Testing For - Web | Mobile | API | Thick Client | Source Code Review | DevSecOps | Wireless | Network Pentesting, etc...
Focused malicious code detection optimizing the protection-to-noise ratio
A simple PHP application to learn SQL Injection detection and exploitation techniques.
open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo include the main code and logic.
A curated list of policy-as-code resources like blogs, videos, and tools to practice on for learning Policy-as-Code.
Datadog Go Library including APM tracing, profiling, and security monitoring.
An OOB interaction gathering server and client library
Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...
SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
DevSecOps, ASPM, Vulnerability Management. All on one platform.
Focused malicious code detection optimizing the protection-to-noise ratio
Penetration Testing For - Web | Mobile | API | Thick Client | Source Code Review | DevSecOps | Wireless | Network Pentesting, etc...
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo include the main code and logic.
The parent project for OpenZiti. Here you will find the executables for a fully zero trust, application embedded, programmable network @OpenZiti
A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for learning Threat modeling and initial phases of security review.
Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.
Focused malicious code detection optimizing the protection-to-noise ratio
This repo contains the code for my secure code review challenges
Penetration Testing For - Web | Mobile | API | Thick Client | Source Code Review | DevSecOps | Wireless | Network Pentesting, etc...
本项目通过大模型联动爬虫,检索Github上所有存有有价值漏洞信息与漏洞POC或规则信息的项目,并自动识别项目的目录结构、Readme信息后进行总结分析并分类,所汇总的项目可以帮助安全行业从业者收集漏洞信息、POC信息、规则等。
A library for detecting known secrets across many web frameworks
open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo include the main code and logic.
SecHub provides a central API to test software with different security tools.
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.
A curated list of policy-as-code resources like blogs, videos, and tools to practice on for learning Policy-as-Code.
An OOB interaction gathering server and client library
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for learning Threat modeling and initial phases of security review.
SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
Focused malicious code detection optimizing the protection-to-noise ratio
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
The parent project for OpenZiti. Here you will find the executables for a fully zero trust, application embedded, programmable network @OpenZiti
DevSecOps, ASPM, Vulnerability Management. All on one platform.
open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo include the main code and logic.
Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...
Penetration Testing For - Web | Mobile | API | Thick Client | Source Code Review | DevSecOps | Wireless | Network Pentesting, etc...
This repo contains the code for my secure code review challenges
本项目通过大模型联动爬虫,检索Github上所有存有有价值漏洞信息与漏洞POC或规则信息的项目,并自动识别项目的目录结构、Readme信息后进行总结分析并分类,所汇总的项目可以帮助安全行业从业者收集漏洞信息、POC信息、规则等。
Penetration Testing For - Web | Mobile | API | Thick Client | Source Code Review | DevSecOps | Wireless | Network Pentesting, etc...
HTTP client with built-in SSRF protection, compatible with Tesla and HTTPoison
CodeBreakers: From Dev to Hacker - Teaching developers to how become a app sec ninja !
open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo include the main code and logic.
A simple PHP application to learn SQL Injection detection and exploitation techniques.
Awesome products for securing AI systems includes open source and commercial options and an infographic licensed CC-BY-SA-4.0.
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
OWASP Foundation Threat Dragon Project Web Repository
SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.
The parent project for OpenZiti. Here you will find the executables for a fully zero trust, application embedded, programmable network @OpenZiti
Practical resources for offensive CI/CD security research. Curated the best resources I've seen since 2021.
FlowAnalyzer is a tool to help in testing and analyzing OAuth 2.0 Flows, including OpenID Connect (OIDC).
Focused malicious code detection optimizing the protection-to-noise ratio
oauth-labs: an intentionally vulnerable set of OAuth 2.0 labs for security training and learning
Awesome products for securing AI systems includes open source and commercial options and an infographic licensed CC-BY-SA-4.0.
CodeBreakers: From Dev to Hacker - Teaching developers to how become a app sec ninja !
AssetViz simplifies the visualization of subdomains from input files, presenting them as a coherent mind map. Ideal for penetration testers and bug bounty hunters conducting reconnaissance, AssetViz ...
Stop leaks. Safeguard your secrets with GitGuardian. GitGuardian actively prevents accidental exposure of sensitive information in your code, allowing you to code confidently and maintain the integrit...
SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
The parent project for OpenZiti. Here you will find the executables for a fully zero trust, application embedded, programmable network @OpenZiti
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
DevSecOps, ASPM, Vulnerability Management. All on one platform.
Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...
open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo include the main code and logic.
Practical resources for offensive CI/CD security research. Curated the best resources I've seen since 2021.
Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.
Practical resources for offensive CI/CD security research. Curated the best resources I've seen since 2021.
FlowAnalyzer is a tool to help in testing and analyzing OAuth 2.0 Flows, including OpenID Connect (OIDC).
Penetration Testing For - Web | Mobile | API | Thick Client | Source Code Review | DevSecOps | Wireless | Network Pentesting, etc...
CodeBreakers: From Dev to Hacker - Teaching developers to how become a app sec ninja !
本项目通过大模型联动爬虫,检索Github上所有存有有价值漏洞信息与漏洞POC或规则信息的项目,并自动识别项目的目录结构、Readme信息后进行总结分析并分类,所汇总的项目可以帮助安全行业从业者收集漏洞信息、POC信息、规则等。
oauth-labs: an intentionally vulnerable set of OAuth 2.0 labs for security training and learning
This repo contains the code for my secure code review challenges
AssetViz simplifies the visualization of subdomains from input files, presenting them as a coherent mind map. Ideal for penetration testers and bug bounty hunters conducting reconnaissance, AssetViz ...
subfalcon is a subdomain enumeration tool that allows you to discover and monitor subdomains for a given list of domains or a single domain. It fetches subdomains from various sources, checks for pote...
SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.
OWASP Machine Learning Security Top 10 Project
open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo include the main code and logic.
The parent project for OpenZiti. Here you will find the executables for a fully zero trust, application embedded, programmable network @OpenZiti
SDK providing app protection and threat monitoring for mobile devices. Works with Flutter, React Native, Android and iOS. Shield your app with free RASP. Detect reverse engineering, root (Magisk), jai...