OWASP / ASST
OWASP ASST (Automated Software Security Toolkit) | A Novel Open Source Web Security Scanner.
โ158Updated 6 months ago
Related projects: โ
- ๐งฎ An online calculator to assess the risk of web vulnerabilities based on OWASP Risk Assessmentโ142Updated 3 years ago
- An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.โ180Updated last week
- The DevSecOps toolset for REST APIsโ270Updated last year
- VMC: a Scalable, Open Source and Free Vulnerability Management Platformโ80Updated 2 weeks ago
- Damn Vulnerable Java (EE) Applicationโ129Updated 7 months ago
- A deliberately vulnerable web application for learning web application security.โ118Updated 6 months ago
- Burp Automator - A Burp Suite Automation Tool. It provides a high level CLI and Python interfaces to Burp Suite scanner and can be used tโฆโ186Updated 5 months ago
- OWASP Foundation Web Respositoryโ64Updated last year
- Software Component Verification Standard (SCVS)โ133Updated 5 months ago
- OWASP Foundation Threat Dragon Project Web Repositoryโ68Updated last week
- The Secure Coding Frameworkโ258Updated 4 years ago
- The OWASP DevSecOps Guideline explains how we can implement a secure pipeline and use best practices and introduce tools that we can use โฆโ58Updated 3 months ago
- Weaponizing Live CT logs for automated monitoring ofย assetsโ132Updated 3 years ago
- Docker toolbox for pentest of web based application.โ137Updated this week
- vulnerable OAuth 2.0 applications: understand the security implications of your OAuth 2.0 decisions.โ305Updated 5 months ago
- SECMON is a web-based tool for the automation of infosec watching and vulnerability management with a web interface.โ220Updated 2 years ago
- Enhanced fork with logging, OpenAPI 3.0 and Python 3 for security monitoring workshopsโ41Updated 7 months ago
- The Pixi module is a MEAN Stack web app with wildly insecure APIs!โ110Updated last year
- OWASP Code Review Guide Web Repositoryโ119Updated 2 years ago
- โ35Updated 11 months ago
- A tool geared towards pentesting APIs using OpenAPI definitions.โ167Updated last year
- The source of ZAP websiteโ64Updated this week
- A starter secure code review checklistโ175Updated 5 years ago
- Static code analysis tool based on Elasticsearchโ129Updated 3 years ago
- Imperva's customizable API attack tool takes an API specification as an input, generates and runs attacks that are based on it as an outpโฆโ451Updated last year
- openrisk is a tool that generates a risk score based on the results of a Nuclei scan.โ162Updated 4 months ago
- Check any website (or set of websites) for insecure security headers.โ232Updated last year
- โ207Updated this week
- Damn Vulnerable C# Application (API)โ71Updated 2 months ago
- Purposely vulnerable Java application to help lead secure coding workshopsโ164Updated 2 months ago