OWASP-Benchmark / BenchmarkJavaLinks
OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web app written in Java, it supports analysis by Static (SAST), Dynamic (DAST), and Runtime (IAST) tools that support Java. The idea is that since it is fully runnable and all the vulnerabilities are actually expl…
☆721Updated last week
Alternatives and similar repositories for BenchmarkJava
Users that are interested in BenchmarkJava are comparing it to the libraries listed below
Sorting:
- Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.☆953Updated this week
- Vulnerable Java based Web Application☆269Updated last year
- Analyses your Java applications for open-source dependencies with known vulnerabilities, using both static analysis and testing to determ…☆542Updated last year
- Evaluation Framework for Dependency Analysis (EFDA)☆43Updated 3 years ago
- The Web Application Vulnerability Scanner Evaluation Project☆233Updated 2 years ago
- The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala proje…☆2,361Updated last month
- GitHub Satellite 2020 workshops on finding security vulnerabilities with CodeQL for Java/JavaScript.☆210Updated 10 months ago
- Vulncode-DB project☆580Updated 3 years ago
- Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci…☆847Updated last year
- VisualCodeGrepper - Code security scanning tool.☆538Updated 2 years ago
- NVD, Ubuntu, Alpine☆436Updated this week
- Home page of project "KB"☆127Updated 4 months ago
- API Fuzzer which allows to fuzz request attributes using common pentesting techniques and lists vulnerabilities☆399Updated 8 years ago
- Look-Ahead Java Deserialization Library☆418Updated 5 years ago
- Security Knowledge Framework (SKF) Python Flask / Angular project☆818Updated last year
- Global Security Database☆319Updated last year
- A collection of test cases in the Java language. It contains examples for 112 different CWEs.☆56Updated 4 years ago
- Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages☆134Updated 2 years ago
- Web and mobile application security training platform☆1,396Updated last year
- Checkmarx Python SDK☆28Updated last week
- The BodgeIt Store is a vulnerable web application which is currently aimed at people who are new to pen testing.☆273Updated 11 months ago
- OWASP VulnerableApp Project: For Security Enthusiasts by Security Enthusiasts.☆332Updated 2 weeks ago
- SAMM stands for Software Assurance Maturity Model.☆396Updated 3 years ago
- A Pythonic framework for threat modeling☆1,020Updated 2 months ago
- Generic SAST Library☆132Updated last month
- Checkmarx Scan and Result Orchestration☆99Updated 2 weeks ago
- Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilit…☆544Updated 3 years ago
- Read and write Fortify Project (FPR) files in Python☆40Updated 5 years ago
- The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas…☆148Updated last year
- A comprehensive list of software composition analysis tools.☆151Updated last year