OWASP-Benchmark / BenchmarkUtils
OWASP Benchmark Project Utilities - Provides scorecard generation and crawling tools for Benchmark style test suites.
☆14Updated last week
Related projects: ⓘ
- CVSS v4.0 calculator☆21Updated last month
- Autoconfigured ELK Stack That Contains All EPSS and NVD CVE Data☆45Updated 2 months ago
- InfoSec OpenAI Examples☆19Updated 9 months ago
- Maturity Model Collaborative project☆13Updated last year
- Malicious actors often reuse code to deploy their malware, phishing website or CNC server. As a result, similiaries can be found on URLs …☆74Updated 10 months ago
- Docs: Vulnerability management aggregation of AppSec & OpSec (Tools Listing)☆30Updated last year
- CVSS v4.0 calculator☆34Updated last week
- DefectDojo Community Content☆17Updated 5 months ago
- OWASP Threat Dragon core files☆28Updated 3 years ago
- Python API library for DefectDojo☆40Updated last year
- A collection of data fetchers, and simple quarterly and yearly CVE forecasting models.☆30Updated 11 months ago
- OWASP Foundation Web Respository☆26Updated last year
- A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.☆54Updated 2 weeks ago
- A community collection of security reviews of open source software components.☆92Updated 6 months ago
- CI Pipeline with Pixi, the WAF OWASP Core Rule Set and TestCafe tests.☆15Updated 3 years ago
- VINCE is the Vulnerability Information and Coordination Environment developed and used by the CERT Coordination Center to improve coordin…☆53Updated 2 weeks ago
- Semgrep rules corresponding to the OWASP ASVS standard☆27Updated 3 years ago
- GitHub action to run Threagile, the agile threat modeling toolkit, on a repo's threagile.yaml file☆13Updated 4 months ago
- VulDB Python scripts to fetch data via API☆19Updated 4 years ago
- Documentation of Semgrep: a fast, open-source, static analysis tool.☆37Updated this week
- Static Token And Credential Scanner☆94Updated last year
- Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. …☆54Updated 2 months ago
- A comprehensive, systematic and actionable way to understand attacker behaviors and techniques with respect to the software supply chain☆85Updated 7 months ago
- Enriching the NVD CVSS scores to include Temporal & Threat Metrics☆56Updated this week
- Official repository for the Open Vulnerability and Assessment Language☆33Updated 4 months ago
- MITRE Engage™ is a framework for conducting Denial, Deception, and Adversary Engagements.☆59Updated 5 months ago
- Contains all my research and content produced regarding the log4shell vulnerability☆32Updated 2 years ago
- Monthly CVE Stats☆33Updated 2 weeks ago
- Mirror - CIS Benchamarks☆37Updated 3 years ago
- A collection of Semgrep rules which followed security guidelines for .NET and Java.☆12Updated 2 years ago