OWASP-Benchmark / BenchmarkUtils
OWASP Benchmark Project Utilities - Provides scorecard generation and crawling tools for Benchmark style test suites.
☆17Updated this week
Alternatives and similar repositories for BenchmarkUtils:
Users that are interested in BenchmarkUtils are comparing it to the libraries listed below
- Maturity Model Collaborative project☆14Updated last year
- Externalize Java application access to protected resources as log messages.☆40Updated 9 months ago
- A Burp plugin to export findings to DefectDojo☆30Updated last year
- Autoconfigured ELK Stack That Contains All EPSS and NVD CVE Data☆49Updated 7 months ago
- Semgrep rules corresponding to the OWASP ASVS standard☆27Updated 4 years ago
- Static Token And Credential Scanner☆96Updated last year
- My custom semgrep rules☆20Updated 4 years ago
- Docs: Vulnerability management aggregation of AppSec & OpSec (Tools Listing)☆30Updated last year
- Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.1, purl, and vers…☆105Updated this week
- VulDB Python scripts to fetch data via API☆20Updated 4 years ago
- A Crowdsourcing Exchange for mapping various sources of security vulnerabilities, exposures, threats, and controls data☆26Updated 5 years ago
- Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. …☆61Updated 7 months ago
- InfoSec OpenAI Examples☆19Updated last year
- OWASP Threat Dragon core files☆11Updated 6 months ago
- Software Component Verification Standard (SCVS)☆140Updated 10 months ago
- Scripts that we use for pentesting☆42Updated 7 years ago
- With the hope that someone finds the data useful, we used to periodically publish an archive of almost all of the non-sensitive vulnerabi…☆91Updated 9 months ago
- A simple Java command-line utility to mirror the entire contents of VulnDB.☆44Updated 2 months ago
- Manager of third-party sources of Semgrep rules 🗂☆78Updated 7 months ago
- SWAMP-in-a-Box☆61Updated 4 years ago
- Safelog4j is an instrumentation-based security tool to help teams discover, verify, and solve log4shell vulnerabilities without scanning …☆41Updated 8 months ago
- StartLeft is an automation tool for generating Threat Models written in the Open Threat Model (OTM) format from a variety of different so…☆49Updated last week
- OWASP Foundation Web Respository☆34Updated 5 months ago
- OWASP Foundation Web Respository☆28Updated 2 years ago
- Dependency Combobulator☆89Updated last year
- CI Pipeline with Pixi, the WAF OWASP Core Rule Set and TestCafe tests.☆15Updated 3 years ago
- GitHub action to run Threagile, the agile threat modeling toolkit, on a repo's threagile.yaml file☆13Updated 9 months ago
- Contains all my research and content produced regarding the log4shell vulnerability☆31Updated 3 years ago
- The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas…☆141Updated 11 months ago
- ☆20Updated 6 years ago