OWASP / Top10
Official OWASP Top 10 Document Repository
☆4,424Updated last month
Alternatives and similar repositories for Top10:
Users that are interested in Top10 are comparing it to the libraries listed below
- OWASP API Security Project☆2,101Updated 2 weeks ago
- The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.☆7,520Updated this week
- Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.☆8,337Updated last year
- Application Security Verification Standard☆2,804Updated this week
- OWASP Foundation Web Respository☆1,142Updated 4 months ago
- A toolkit for testing, tweaking and cracking JSON Web Tokens☆5,546Updated 5 months ago
- scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.☆3,740Updated this week
- Awesome XSS stuff☆4,832Updated 2 months ago
- In-depth attack surface mapping and asset discovery☆12,322Updated 3 weeks ago
- Web application fuzzer☆6,019Updated 5 months ago
- OWASP Community Pages are a place where OWASP can accept community contributions for security-related content.☆1,151Updated this week
- A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the communit…☆3,135Updated last month
- This repository contains the scanner component for Greenbone Community Edition.☆3,543Updated this week
- The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topic…☆28,628Updated this week
- Nikto web server scanner☆8,840Updated last week
- A Tool for Domain Flyovers☆5,694Updated 2 years ago
- This repo is no longer in use. Please refer to https://github.com/OWASP/www-project-vulnerable-web-applications-directory☆875Updated 2 months ago
- A list of public penetration test reports published by several consulting firms and academic security groups.☆8,614Updated 7 months ago
- An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.☆5,619Updated 7 months ago
- A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and…☆3,711Updated 3 years ago
- A curated list of amazingly awesome Burp Extensions☆3,040Updated 2 months ago
- Automated NoSQL database enumeration and web application exploitation tool.☆2,980Updated 5 months ago
- EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.☆5,106Updated 2 months ago
- Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management☆3,754Updated this week
- Collection of the cheat sheets useful for pentesting☆3,938Updated 11 months ago
- Web and mobile application security training platform☆1,358Updated 6 months ago
- OWASP based Web Application Security Testing Checklist is an Excel based checklist which helps you to track the status of completed and p…☆1,532Updated last year
- A list of interesting payloads, tips and tricks for bug bounty hunters.☆6,013Updated last year
- Directory/File, DNS and VHost busting tool written in Go☆10,699Updated last week
- Git All the Payloads! A collection of web attack payloads.☆3,657Updated last year