BlazingWind / OWASP-ASVS-4.0-testing-guideView external linksLinks
☆124Nov 8, 2023Updated 2 years ago
Alternatives and similar repositories for OWASP-ASVS-4.0-testing-guide
Users that are interested in OWASP-ASVS-4.0-testing-guide are comparing it to the libraries listed below
Sorting:
- ZAP scripts to implement ASVS L1 checking☆16Apr 28, 2022Updated 3 years ago
- Externalize Java application access to protected resources as log messages.☆43Jan 22, 2026Updated 3 weeks ago
- A simple web app that helps developers understand the ASVS requirements. Now supporting ASVS 5.0☆163Nov 25, 2025Updated 2 months ago
- OWASP Application Security Verification Standard 4.0 Checklist☆33Apr 15, 2019Updated 6 years ago
- Semgrep rules corresponding to the OWASP ASVS standard☆27Nov 2, 2020Updated 5 years ago
- 🖇️ equivalence table between OWASP ASVS standard and STRIDE threat modeling methodology.☆76Aug 22, 2024Updated last year
- We borrow the concept of 'personas' from UX/service design and apply it to threat actors to improve understanding between security, techn…☆11Jun 17, 2020Updated 5 years ago
- Interactive IPython Notebook to demonstrate OWASP ZAP's API and Scripting Functions - OWASP ZAP 2.8.0☆41Dec 8, 2022Updated 3 years ago
- Test Azure environment for MFA misconfigurations☆12Jan 13, 2023Updated 3 years ago
- The Security Champion Framework provides both a measuring stick and a roadmap generator for Champion Programs.☆110Jan 16, 2024Updated 2 years ago
- ☆35May 13, 2021Updated 4 years ago
- Yet Another SCA tool☆13Nov 10, 2022Updated 3 years ago
- A small tool to help developers understand a huge set of security requirements from appsec teams☆46Sep 2, 2022Updated 3 years ago
- This project is about creating and publishing threat model examples.☆427Nov 10, 2021Updated 4 years ago
- ☆69Jul 18, 2025Updated 6 months ago
- ☆15Feb 9, 2022Updated 4 years ago
- Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.☆78Mar 4, 2022Updated 3 years ago
- ☆284Dec 1, 2022Updated 3 years ago
- A Continuous Threat Modeling methodology☆324Jun 24, 2022Updated 3 years ago
- This script will pull and analyze syscalls in given application(s) allowing for easier security research purposes☆21Mar 11, 2021Updated 4 years ago
- A tool that automates the trevorc2 powershell agent obfuscation process with the pyfuscation tool☆15Jun 28, 2023Updated 2 years ago
- ☆30Jul 29, 2021Updated 4 years ago
- Segment's Threat Modeling training for our engineers☆245May 4, 2021Updated 4 years ago
- ☆15Oct 8, 2025Updated 4 months ago
- OWASP ASVS checklist for audits☆212Jan 5, 2024Updated 2 years ago
- ☆35Mar 8, 2022Updated 3 years ago
- OAuth 2.0 Dynamic Security Scanner☆33Feb 27, 2021Updated 4 years ago
- ☆140Mar 29, 2023Updated 2 years ago
- Application Security Verification Standard☆3,331Jan 31, 2026Updated last week
- threatspec - continuous threat modeling, through code☆376Dec 30, 2020Updated 5 years ago
- ☆18Apr 21, 2020Updated 5 years ago
- Quick Start/Setup of CI/CD for Offensive/Defensive Purposes�☆21Sep 4, 2021Updated 4 years ago
- ☆20Jan 18, 2022Updated 4 years ago
- WebStor efficiently enumerates all websites across your organization’s networks and those in your DNS records - including cloud-hosted se…☆156Mar 31, 2024Updated last year
- ☆37Jun 27, 2020Updated 5 years ago
- InfoSec OpenAI Examples☆19Nov 26, 2023Updated 2 years ago
- 802.15.4 Fuzzer☆21Mar 25, 2019Updated 6 years ago
- Apache HTTP-Server 2.4.49-2.4.50 Path Traversal & Remote Code Execution PoC (CVE-2021-41773 & CVE-2021-42013)☆12Aug 22, 2025Updated 5 months ago
- Example of using Gauge and OWASP ZAP for test automation☆11Jan 9, 2020Updated 6 years ago