OWASP-Benchmark / BenchmarkJava
OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web app written in Java, it supports analysis by Static (SAST), Dynamic (DAST), and Runtime (IAST) tools that support Java. The idea is that since it is fully runnable and all the vulnerabilities are actually expl…
☆768 · Updated last week
Alternatives and similar repositories for BenchmarkJava
Users who are interested in BenchmarkJava are comparing it to the repositories listed below.
- Vulnerable Java-based Web Application ☆270 · Updated last year
- Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License. ☆1,070 · Updated this week
- The SpotBugs plugin for security audits of Java web applications and Android applications. (Also works with Kotlin, Groovy and Scala proje… ☆2,408 · Updated 7 months ago
- Analyses your Java applications for open-source dependencies with known vulnerabilities, using both static analysis and testing to determ… ☆541 · Updated 2 years ago
- GitHub Satellite 2020 workshops on finding security vulnerabilities with CodeQL for Java/JavaScript. ☆211 · Updated last year
- Evaluation Framework for Dependency Analysis (EFDA) ☆44 · Updated 3 years ago
- Vulncode-DB project ☆577 · Updated 4 years ago
- The Web Application Vulnerability Scanner Evaluation Project ☆240 · Updated 3 years ago
- Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci… ☆863 · Updated 2 years ago
- A collection of test cases in the Java language. It contains examples for 112 different CWEs. ☆61 · Updated 4 years ago
- Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages ☆136 · Updated 3 years ago
- API Fuzzer which allows fuzzing of request attributes using common pentesting techniques and lists vulnerabilities ☆407 · Updated 8 years ago
- NVD, Ubuntu, Alpine ☆449 · Updated last week
- The BodgeIt Store is a vulnerable web application which is currently aimed at people who are new to pen testing. ☆281 · Updated last year
- The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas… ☆160 · Updated last year
- OWASP VulnerableApp Project: For Security Enthusiasts by Security Enthusiasts. ☆357 · Updated this week
- Look-Ahead Java Deserialization Library ☆422 · Updated 6 years ago
- Generic SAST Library ☆135 · Updated 7 months ago
- Home page of project "KB" ☆132 · Updated 10 months ago
- An automated tool for the detection of regexes' slow-matching vulnerabilities. ☆154 · Updated 4 years ago
- A byte code analyzer for finding deserialization gadget chains in Java applications ☆1,080 · Updated 4 years ago
- Checkmarx Python SDK ☆30 · Updated 3 weeks ago
- SAMM stands for Software Assurance Maturity Model. ☆398 · Updated 3 years ago
- ODGen is a JavaScript Static Analysis tool to detect multiple types of vulnerabilities in Node.js packages. ☆164 · Updated 2 years ago
- A static byte code analyzer for Java deserialization gadget research ☆252 · Updated 8 years ago
- A pytest-inspired, DAST framework, capable of identifying vulnerabilities in a distributed, micro-service ecosystem through chaos enginee… ☆226 · Updated last year
- Global Security Database ☆318 · Updated last year
- Useful tools and Examples made by Checkmarx Professional Services ☆39 · Updated 4 months ago
- Binaries for the CodeQL CLI ☆935 · Updated last week
- VisualCodeGrepper - Code security scanning tool. ☆546 · Updated 2 years ago