BBVA / apicheck
The DevSecOps toolset for REST APIs
☆270 Updated last year
Related projects:
- A tool geared towards pentesting APIs using OpenAPI definitions. ☆167 Updated last year
- A simple web app that helps developers understand the ASVS requirements. ☆153 Updated 6 months ago
- Automate security tests using Burp Suite. ☆222 Updated 3 months ago
- Fast and stealthy Amazon S3 bucket enumeration tool for pentesters. ☆215 Updated 3 months ago
- Cloud-related research releases from the Rhino Security Labs team. ☆350 Updated 4 years ago
- Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation" ☆344 Updated 3 years ago
- Finding exposed secrets and personal data in GitLab ☆195 Updated last year
- ☆118 Updated 10 months ago
- A starter secure code review checklist ☆175 Updated 5 years ago
- An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports. ☆180 Updated this week
- Container Security Verification Standard ☆57 Updated 5 years ago
- ☆207 Updated this week
- Benchmarking repo for secrets scanning ☆229 Updated last month
- Find cloud assets that no one wants exposed 🔎 ☁️ ☆330 Updated 4 years ago
- DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raider ☆138 Updated 3 years ago
- The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters ☆95 Updated 9 months ago
- vulnerable single sign on ☆144 Updated last month
- A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestrat… ☆271 Updated last week
- 🏰 A Python script for AWS S3 bucket enumeration. ☆137 Updated last year
- Ugly Duckling is a lightweight scanner built specifically for our Crowdsource community to submit proof-of-concept modules ☆187 Updated 2 years ago
- Fully open-source SAST scanner supporting a range of languages and frameworks. Integrates with major CI pipelines and IDE such as Azure D… ☆145 Updated 4 years ago
- AWS Extender (Cloud Storage Tester) is a Burp plugin to assess permissions of cloud storage containers on AWS, Google Cloud and Azure. ☆240 Updated 2 years ago
- The clever vulnerability dependency finder ☆96 Updated 2 years ago
- drHEADer helps with the audit of security headers received in response to a single request or a list of requests. ☆105 Updated this week
- OWASP Cloud Security - Enabling conversations through threat and control stories ☆175 Updated 5 years ago
- A step-by-step walkthrough of CloudGoat 2.0 scenarios. ☆132 Updated 4 years ago
- Burp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Applica… ☆480 Updated 6 years ago
- Imperva's customizable API attack tool takes an API specification as an input, generates and runs attacks that are based on it as an outp… ☆451 Updated last year
- Damn Vulnerable Java (EE) Application ☆129 Updated 7 months ago
- The Pixi module is a MEAN Stack web app with wildly insecure APIs! ☆110 Updated last year