OWASP / ASST

Related projects: ⓘ

• JavierOlmedo / OWASP-Calculator
  🧮 An online calculator to assess the risk of web vulnerabilities based on OWASP Risk Assessment
  ☆142Updated 3 years ago
• softrams / bulwark
  An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
  ☆180Updated last week
• BBVA / apicheck
  The DevSecOps toolset for REST APIs
  ☆270Updated last year
• DSecureMe / vmc
  VMC: a Scalable, Open Source and Free Vulnerability Management Platform
  ☆80Updated 2 weeks ago
• appsecco / dvja
  Damn Vulnerable Java (EE) Application
  ☆129Updated 7 months ago
• OWASP / OWASPWebGoatPHP
  A deliberately vulnerable web application for learning web application security.
  ☆118Updated 6 months ago
• tristanlatr / burpa
  Burp Automator - A Burp Suite Automation Tool. It provides a high level CLI and Python interfaces to Burp Suite scanner and can be used t…
  ☆186Updated 5 months ago
• OWASP / www-project-security-knowledge-framework
  OWASP Foundation Web Respository
  ☆64Updated last year
• OWASP / Software-Component-Verification-Standard
  Software Component Verification Standard (SCVS)
  ☆133Updated 5 months ago
• OWASP / www-project-threat-dragon
  OWASP Foundation Threat Dragon Project Web Repository
  ☆68Updated last week
• OWASP / RiskAssessmentFramework
  The Secure Coding Framework
  ☆258Updated 4 years ago
• OWASP / www-project-devsecops-guideline
  The OWASP DevSecOps Guideline explains how we can implement a secure pipeline and use best practices and introduce tools that we can use …
  ☆58Updated 3 months ago
• devanshbatham / CertEagle
  Weaponizing Live CT logs for automated monitoring of assets
  ☆132Updated 3 years ago
• righettod / toolbox-pentest-web
  Docker toolbox for pentest of web based application.
  ☆137Updated this week
• koenbuyens / Vulnerable-OAuth-2.0-Applications
  vulnerable OAuth 2.0 applications: understand the security implications of your OAuth 2.0 decisions.
  ☆305Updated 5 months ago
• Guezone / SECMON
  SECMON is a web-based tool for the automation of infosec watching and vulnerability management with a web interface.
  ☆220Updated 2 years ago
• jorritfolmer / vulnerable-api
  Enhanced fork with logging, OpenAPI 3.0 and Python 3 for security monitoring workshops
  ☆41Updated 7 months ago
• DevSlop / Pixi
  The Pixi module is a MEAN Stack web app with wildly insecure APIs!
  ☆110Updated last year
• OWASP / www-project-code-review-guide
  OWASP Code Review Guide Web Repository
  ☆119Updated 2 years ago
• OWASP / apicheck
  ☆35Updated 11 months ago
• RhinoSecurityLabs / Swagger-EZ
  A tool geared towards pentesting APIs using OpenAPI definitions.
  ☆167Updated last year
• zaproxy / zaproxy-website
  The source of ZAP website
  ☆64Updated this week
• softwaresecured / secure-code-review-checklist
  A starter secure code review checklist
  ☆175Updated 5 years ago
• mhaskar / Bughound
  Static code analysis tool based on Elasticsearch
  ☆129Updated 3 years ago
• imperva / automatic-api-attack-tool
  Imperva's customizable API attack tool takes an API specification as an input, generates and runs attacks that are based on it as an outp…
  ☆451Updated last year
• projectdiscovery / openrisk
  openrisk is a tool that generates a risk score based on the results of a Nuclei scan.
  ☆162Updated 4 months ago
• koenbuyens / securityheaders
  Check any website (or set of websites) for insecure security headers.
  ☆232Updated last year
• projectdiscovery / pd-actions
  ☆207Updated this week
• appsecco / dvcsharp-api
  Damn Vulnerable C# Application (API)
  ☆71Updated 2 months ago
• ScaleSec / vulnado
  Purposely vulnerable Java application to help lead secure coding workshops
  ☆164Updated 2 months ago