OWASP-Benchmark / BenchmarkUtils
OWASP Benchmark Project Utilities - Provides scorecard generation and crawling tools for Benchmark style test suites.
☆17Updated this week
Alternatives and similar repositories for BenchmarkUtils:
Users that are interested in BenchmarkUtils are comparing it to the libraries listed below
- Maturity Model Collaborative project☆14Updated last year
- OWASP Foundation Web Respository☆28Updated 2 years ago
- InfoSec OpenAI Examples☆19Updated last year
- Contains all my research and content produced regarding the log4shell vulnerability☆31Updated 2 years ago
- Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. …☆59Updated 6 months ago
- Autoconfigured ELK Stack That Contains All EPSS and NVD CVE Data☆48Updated 6 months ago
- GitHub action to run Threagile, the agile threat modeling toolkit, on a repo's threagile.yaml file☆13Updated 8 months ago
- Malicious actors often reuse code to deploy their malware, phishing website or CNC server. As a result, similiaries can be found on URLs …☆74Updated last year
- A MAL language that demonstrates the Maven project structure☆23Updated 2 years ago
- Externalize Java application access to protected resources as log messages.☆41Updated 8 months ago
- A very vulnerable implementation of a GraphQL API.☆57Updated 3 years ago
- FastCVE - fast, rich and API-based search for CVE and more (CPE, CWE, CAPEC)☆41Updated this week
- Global Security Database Tools☆42Updated last year
- Official repository for the Open Vulnerability and Assessment Language☆38Updated this week
- Docs: Vulnerability management aggregation of AppSec & OpSec (Tools Listing)☆30Updated last year
- Software Component Verification Standard (SCVS)☆138Updated 9 months ago
- Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.1, purl, and vers…☆104Updated 3 weeks ago
- A compilation of network scanning strategies to find vulnerable devices☆73Updated 2 years ago
- Extensible framework for analyzing publicly available information about vulnerabilities☆109Updated 3 weeks ago
- Performing automated scan using Burp Suite Pro & Vmware Burp Rest API☆49Updated 2 years ago
- Documentation of Semgrep: a fast, open-source, static analysis tool.☆38Updated this week
- Semgrep rules corresponding to the OWASP ASVS standard☆27Updated 4 years ago
- Demonstrates how a malicious dependency could negatively impact the build output.☆24Updated last year
- StartLeft is an automation tool for generating Threat Models written in the Open Threat Model (OTM) format from a variety of different so…☆49Updated this week
- Python API library for DefectDojo☆40Updated last year
- Enriching the NVD CVSS scores to include Temporal & Threat Metrics☆63Updated this week
- Puma Prey contains vulnerable .NET target applications to test the Puma Scan rules against. This project contains Web Forms, MVC5, and Co…☆21Updated 8 months ago
- CI Pipeline with Pixi, the WAF OWASP Core Rule Set and TestCafe tests.☆15Updated 3 years ago
- Static Token And Credential Scanner☆95Updated last year
- Paper, data and code from Investigating Potential Security Vulnerability Manifestation through Various Analyses & Inferences Regarding In…☆18Updated 3 years ago