OWASP-Benchmark / BenchmarkJavaLinks
OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web app written in Java, it supports analysis by Static (SAST), Dynamic (DAST), and Runtime (IAST) tools that support Java. The idea is that since it is fully runnable and all the vulnerabilities are actually expl…
☆713Updated last week
Alternatives and similar repositories for BenchmarkJava
Users that are interested in BenchmarkJava are comparing it to the libraries listed below
Sorting:
- Vulnerable Java based Web Application☆268Updated 11 months ago
- SAMM stands for Software Assurance Maturity Model.☆397Updated 3 years ago
- The Web Application Vulnerability Scanner Evaluation Project☆233Updated 2 years ago
- Evaluation Framework for Dependency Analysis (EFDA)☆43Updated 3 years ago
- Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.☆916Updated this week
- GitHub Satellite 2020 workshops on finding security vulnerabilities with CodeQL for Java/JavaScript.☆210Updated 8 months ago
- OWASP VulnerableApp Project: For Security Enthusiasts by Security Enthusiasts.☆324Updated 6 months ago
- Node application to help managing Maturity Models like the ones created by BSIMM and OpenSAMM☆194Updated 6 years ago
- Vulncode-DB project☆580Updated 3 years ago
- NVD, Ubuntu, Alpine☆429Updated this week
- The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas…☆144Updated last year
- API Fuzzer which allows to fuzz request attributes using common pentesting techniques and lists vulnerabilities☆395Updated 7 years ago
- Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci…☆842Updated last year
- Software Component Verification Standard (SCVS)☆147Updated 2 months ago
- Java Observability Toolkit☆61Updated last year
- A Pythonic framework for threat modeling☆1,003Updated this week
- This project is about creating and publishing threat model examples.☆419Updated 3 years ago
- Purposely vulnerable Java application to help lead secure coding workshops☆181Updated 11 months ago
- Generic SAST Library☆131Updated 6 months ago
- An open source, online threat modelling tool from OWASP☆484Updated 11 months ago
- Global Security Database☆318Updated last year
- Home page of project "KB"☆126Updated 2 months ago
- Fuzzapi is a tool used for REST API pentesting and uses API_Fuzzer gem☆657Updated 4 years ago
- Checkmarx Python SDK☆28Updated this week
- Analyses your Java applications for open-source dependencies with known vulnerabilities, using both static analysis and testing to determ…☆541Updated last year
- This repo is no longer in use. Please refer to https://github.com/OWASP/www-project-vulnerable-web-applications-directory☆880Updated 7 months ago
- Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages☆133Updated 2 years ago
- Checkmarx Scan and Result Orchestration☆96Updated 2 weeks ago
- Automate security tests using Burp Suite.☆226Updated 11 months ago
- The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala proje…☆2,342Updated last month