OWASP-Benchmark / BenchmarkJava
OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web app written in Java, it supports analysis by Static (SAST), Dynamic (DAST), and Runtime (IAST) tools that support Java. The idea is that since it is fully runnable and all the vulnerabilities are actually expl…
☆720 Updated this week
Alternatives and similar repositories for BenchmarkJava
Users who are interested in BenchmarkJava are comparing it to the libraries listed below.
- Analyses your Java applications for open-source dependencies with known vulnerabilities, using both static analysis and testing to determ… ☆541 Updated last year
- Vulnerable Java based Web Application ☆270 Updated last year
- Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License. ☆938 Updated this week
- GitHub Satellite 2020 workshops on finding security vulnerabilities with CodeQL for Java/JavaScript. ☆210 Updated 9 months ago
- The Web Application Vulnerability Scanner Evaluation Project ☆233 Updated 2 years ago
- NVD, Ubuntu, Alpine ☆433 Updated this week
- Vulncode-DB project ☆580 Updated 3 years ago
- Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci… ☆846 Updated last year
- API Fuzzer which allows to fuzz request attributes using common pentesting techniques and lists vulnerabilities ☆399 Updated 7 years ago
- Checkmarx Python SDK ☆28 Updated last week
- SAMM stands for Software Assurance Maturity Model. ☆396 Updated 3 years ago
- Evaluation Framework for Dependency Analysis (EFDA) ☆43 Updated 3 years ago
- Global Security Database ☆319 Updated last year
- Node application to help managing Maturity Models like the ones created by BSIMM and OpenSAMM ☆195 Updated 6 years ago
- Home page of project "KB" ☆126 Updated 3 months ago
- Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilit… ☆543 Updated 3 years ago
- A very vulnerable web site written in NodeJS with the purpose of have a project with identified vulnerabilities to test the quality of se… ☆470 Updated 10 months ago
- Security Knowledge Framework (SKF) Python Flask / Angular project ☆818 Updated last year
- Fuzzapi is a tool used for REST API pentesting and uses API_Fuzzer gem ☆656 Updated 4 years ago
- Checkmarx Scan and Result Orchestration ☆99 Updated this week
- The BodgeIt Store is a vulnerable web application which is currently aimed at people who are new to pen testing. ☆273 Updated 10 months ago
- Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages ☆133 Updated 2 years ago
- An open source, online threat modelling tool from OWASP ☆484 Updated last year
- A Pythonic framework for threat modeling ☆1,012 Updated last month
- The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas… ☆148 Updated last year
- Web and mobile application security training platform ☆1,389 Updated last year
- Generic SAST Library ☆132 Updated 3 weeks ago
- Yet Another Source Code Analyzer ☆184 Updated 3 years ago
- Look-Ahead Java Deserialization Library ☆415 Updated 5 years ago
- Read and write Fortify Project (FPR) files in Python ☆40 Updated 5 years ago