Want to become an Application Security Engineer? Here's a roadmap to help you get there.
☆33Sep 3, 2022Updated 3 years ago
Alternatives and similar repositories for appsec-engineer-roadmap
Users that are interested in appsec-engineer-roadmap are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Deception implementation through analysis of BloodHound data☆55Updated this week
- SDK for building SecDim Play challenges, an open training game for AppSec, DevSecOps, CloudSec, etc.☆30Aug 7, 2025Updated 7 months ago
- 12-week Geekwise course on web application security and hardening.☆17Mar 19, 2020Updated 6 years ago
- My notes/solutions to the problems in "The Web Application Hacker's Handbook" (https://portswigger.net/web-security/web-application-hacke…☆30Jan 22, 2024Updated 2 years ago
- ☆17Sep 2, 2021Updated 4 years ago
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- My cyber security notes.☆14Feb 22, 2025Updated last year
- Some good resources for getting started with application security☆146Jun 2, 2021Updated 4 years ago
- My Offensive Security OSWA certification experience and my personal opinion what helps in preparation for the exam☆44Jul 13, 2023Updated 2 years ago
- The OWASP Testing Guide includes a "best practice" penetration testing framework which users can implement in their own organizations and…☆10Oct 12, 2019Updated 6 years ago
- Repositório de estudo em pt-br de InfoSec☆32Nov 2, 2025Updated 4 months ago
- Offensive Security Web Assessor Resources Repo☆37Oct 30, 2023Updated 2 years ago
- TryHackMe CTF writeups☆24Dec 24, 2023Updated 2 years ago
- Semgrep Pro Rules to ensure code using LLMs is following best practices☆61Mar 11, 2026Updated 2 weeks ago
- A Burp Suite extension that converts IP addresses to decimal notation, useful for SSRF bypass and WAF evasion testing. Created by Harshad…☆11Dec 9, 2024Updated last year
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Bash-based recon automation script that orchestrates tools like Nmap, Dirsearch (Python), and crt.sh to perform port scanning, directory …☆15Jul 22, 2025Updated 8 months ago
- Security interview questions with possible explanation for roles in AppSec, Pentesting, Cloud Security, DevSecOps, Network Security and s…☆440Dec 28, 2024Updated last year
- Starter Kit: Hardware Hacking☆16Jan 15, 2021Updated 5 years ago
- A Go implementation of Rust's evmap which optimizes for high-read, low-write workloads and uses eventual consistency to ensure that reade…☆10Aug 21, 2022Updated 3 years ago
- Yet Another Vulnerability Database☆16Jul 23, 2021Updated 4 years ago
- Crawl telegram chat history☆11May 30, 2019Updated 6 years ago
- Mass Hunting & Exploitation PoC for CVE-2025-55182 & CVE-2025-66478☆38Dec 7, 2025Updated 3 months ago
- Misery Loader to bypass modern EDR solutions☆15Dec 20, 2024Updated last year
- A step-by-step walkthrough of different machines "pwned" on the CTF-like platform, HackTheBox.☆70Aug 22, 2022Updated 3 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- CVE-2025-55182 React Server Components Remote Code Execution Exploit Tool☆42Dec 5, 2025Updated 3 months ago
- Compatible versions of the frida package for each version of the frida-tools package. Automatically updated through CI/CD☆24Mar 10, 2026Updated 2 weeks ago
- Monorepo of Labs for the Security Knowledge Framework (SKF)☆44Jun 12, 2025Updated 9 months ago
- Slides from various conferences and talks I've given☆14Oct 12, 2025Updated 5 months ago
- A tutorial on how to train RNN-T from scratch with Whisper encoder☆12Mar 11, 2025Updated last year
- Extract endpoints from specific Git repository for fuzzing☆23Nov 3, 2020Updated 5 years ago
- PowerShell Script to automatically abuse the BadSuccessor vulnerability (CVE-2025-53779)☆45Nov 19, 2025Updated 4 months ago
- AI-VAPT is an autonomous AI-driven Vulnerability Assessment & Penetration Testing framework combining traditional VAPT with neural intell…☆88Oct 7, 2025Updated 5 months ago
- Public repository of all things cloud security.☆48Sep 20, 2024Updated last year
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- A collection of awesome software, libraries, documents, books, resources and cools stuffs about security.☆18Jul 28, 2022Updated 3 years ago
- Convert kirbi ticket from mimikatz into hashcat format to crack it☆13Mar 5, 2019Updated 7 years ago
- Site oficial da LibreCode http://librecode.coop☆16Mar 9, 2026Updated 2 weeks ago
- Proxy Management for Security Professionals☆24Mar 25, 2025Updated last year
- Obtain information about network hosts☆23Jul 25, 2024Updated last year
- Nuclei template for CVE-2024-23897 (Jenkins LFI Vulnerability)☆21Feb 5, 2024Updated 2 years ago
- Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOp…☆4,907Dec 31, 2025Updated 2 months ago