Checkmarx / capital
A built-to-be-vulnerable API application based on the OWASP top 10 API vulnerabilities. Use c{api}tal to learn, train and exploit API Security vulnerabilities within your own API Security CTF.
☆274Updated 7 months ago
Related projects ⓘ
Alternatives and complementary repositories for capital
- Websec interview questions by tib3rius answered☆304Updated last year
- Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive files☆196Updated last month
- A tool to scrape the AWS ranges looking for a keyword in SSL certificate data.☆225Updated 10 months ago
- BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for c…☆381Updated 3 months ago
- Practical resources for offensive CI/CD security research. Curated the best resources I've seen since 2021.☆492Updated 3 weeks ago
- Security Auditor Utility for GraphQL APIs☆384Updated 2 months ago
- OWASP Code Review Guide Web Repository☆123Updated 2 years ago
- This repo contains IOC, malware and malware analysis associated with Public cloud☆244Updated last week
- ☆292Updated 3 months ago
- Misconfig Mapper is a fast tool to help you uncover security misconfigurations on popular third-party services used by your company and/o…☆391Updated last week
- A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.☆544Updated last week
- ☆447Updated 6 months ago
- ☆181Updated last year
- Security interview questions with possible explanation for roles in AppSec, Pentesting, Cloud Security, DevSecOps, Network Security and s…☆305Updated last month
- ☆193Updated 6 months ago
- Control Your Infrastructure, Scale Your Scanning—On Your Terms. Easily distribute arbitrary binaries and scripts using any of our eight s…☆258Updated this week
- Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @Webbi…☆209Updated 2 months ago
- A Broken Application - Very Vulnerable!☆131Updated 2 weeks ago
- Gram is Klarna's own threat model diagramming tool☆282Updated this week
- Create your own vulnerable by design AWS penetration testing playground☆331Updated 6 months ago
- API Security Project aims to present unique attack & defense methods in API Security field☆279Updated 2 years ago
- 🚀 Join us for 30days of daily API security tests. #30days30tests We've spent last 120days building amazing API security tests for the c…☆197Updated last year
- Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …☆533Updated 11 months ago
- Fast and customizable vulnerability scanner For JIRA written in Python☆317Updated 9 months ago
- GitHub Attack Toolkit - Extreme Edition☆197Updated this week
- Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝☆131Updated last year
- GraphQL threat framework used by security professionals to research security gaps in GraphQL implementations☆288Updated 11 months ago
- Awesome curate list of cyber security penetration testing tools for Cloud Security mainly AWS/Azure/Google☆117Updated 3 years ago
- Find authentication (authn) and authorization (authz) security bugs in web application routes.☆252Updated 4 months ago
- GCPGoat : A Damn Vulnerable GCP Infrastructure☆359Updated 3 weeks ago