Checkmarx / capitalLinks
A built-to-be-vulnerable API application based on the OWASP top 10 API vulnerabilities. Use c{api}tal to learn, train and exploit API Security vulnerabilities within your own API Security CTF.
☆301Updated last month
Alternatives and similar repositories for capital
Users that are interested in capital are comparing it to the libraries listed below
Sorting:
- Websec interview questions by tib3rius answered☆311Updated last year
- A Broken Application - Very Vulnerable!☆172Updated last week
- ☆191Updated 2 years ago
- Security Auditor Utility for GraphQL APIs☆496Updated 7 months ago
- API Security Project aims to present unique attack & defense methods in API Security field☆286Updated 3 years ago
- ☆314Updated 2 months ago
- BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for c…☆430Updated 7 months ago
- APIsec|SCAN - Free API security testing using Github actions☆101Updated last year
- A curated list of Awesome Security Challenges.☆196Updated 10 months ago
- GraphQL threat framework used by security professionals to research security gaps in GraphQL implementations☆321Updated 2 months ago
- OWASP Code Review Guide Web Repository☆141Updated 3 years ago
- This repo contains the code for my secure code review challenges. I was told that people used this as the primary resources to pass FAANG…☆218Updated last month
- Find authentication (authn) and authorization (authz) security bugs in web application routes.☆274Updated last week
- Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive files☆226Updated 3 months ago
- Eliminate dangling elastic IPs by performing analysis on your resources within all your AWS accounts.☆278Updated last year
- Docker toolbox for pentest of web based application.☆166Updated this week
- GraphQL automated security testing toolkit☆325Updated last year
- A tool to scrape the AWS ranges looking for a keyword in SSL certificate data.☆236Updated last year
- Awesome information for WebSockets security research☆275Updated 3 years ago
- GCPGoat : A Damn Vulnerable GCP Infrastructure☆410Updated 10 months ago
- ☆83Updated 2 years ago
- intentionally vuln web Application Security in django☆277Updated 2 weeks ago
- Watch the latest awesome security talks around the globe☆278Updated 6 months ago
- Vulnerable code snippets with fixes for Web2, Web3, API, iOS, Android and Infrastructure-as-Code (IaC)☆164Updated last year
- Create your own vulnerable by design AWS penetration testing playground☆398Updated 3 weeks ago
- Gram is Klarna's own threat model diagramming tool☆325Updated last month
- A web CTF for training developers in bug hunting and secure coding!☆99Updated 8 months ago
- Nord Stream is a tool that allows you to extract secrets stored inside CI/CD environments by deploying malicious pipelines. It currently …☆299Updated last month
- Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝☆137Updated 5 months ago
- Damn Vulnerable Web Services is a vulnerable application with a web service and an API that can be used to learn about webservices/API re…☆489Updated 11 months ago