OWASP / owasp-istg
The IoT Security Testing Guide (ISTG) provides a comprehensive methodology for penetration tests in the IoT field, offering flexibility to adapt innovations, and developments in the IoT market while still ensuring comparability of test results.
☆100Updated 7 months ago
Alternatives and similar repositories for owasp-istg:
Users that are interested in owasp-istg are comparing it to the libraries listed below
- This is a RSS feed collection for all the InfoSec Content Creators☆32Updated last year
- HASH (HTTP Agnostic Software Honeypot)☆140Updated last year
- ☆114Updated last year
- QRFuzz, a fuzzing toolkit to test malicious QR Codes in mobile applications☆45Updated 11 months ago
- Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝☆133Updated last month
- CSPTPlayground is an open-source playground to find and exploit Client-Side Path Traversal (CSPT).☆117Updated last month
- GCP GOAT is the vulnerable application for learn the GCP Security☆64Updated last year
- Repository with some necessary information for you to create your PenTest consultancy☆97Updated 3 months ago
- A OWASP Based Checklist With 80+ Test Cases☆142Updated 2 years ago
- My personal collection of resources (mostly tools and training materials) for source code security audits.☆78Updated 8 months ago
- CoWitness is a powerful web application testing tool that enhances the accuracy and efficiency of your testing efforts. It allows you to …☆125Updated last year
- A research project to add some brrrrrr to Burp☆160Updated 3 months ago
- Search engine for CTF writeups with instant results.☆136Updated 2 months ago
- Certainly is a offensive security toolkit to capture large amounts of traffic in various network protocols in bitflip and typosquat scena…☆182Updated 8 months ago
- LLM Testing Findings Templates☆72Updated last year
- Collection of writeups on ICS/SCADA security.☆170Updated last month
- an extension for Burp Suite to allow researchers to utilize GPT for analys is of HTTP requests and responses☆108Updated 2 years ago
- Prototype of Full Agentic Application Security Testing, FAAST = SAST + DAST + LLM agents☆43Updated last week
- A collection of Active Directory, phishing, mobile technology, system, service, web application, and wireless technology weaknesses that …☆244Updated 2 years ago
- This repository hosts several snippets and file related to the BsidesLV 2024 talk about Shadow and Zombie APIs by me☆18Updated 9 months ago
- Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive files☆218Updated 3 weeks ago
- ☆35Updated last month
- FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application a…☆158Updated 5 months ago
- This provides a guided step by step walkthrough for threat modeling with MITRE ATT&CK Framework☆28Updated 2 months ago
- Downloads Information from NIST (CVSS), first.org (EPSS), and CISA (Exploited Vulnerabilities) and combines them into one list. Reports f…☆141Updated 2 years ago
- ☆178Updated 4 months ago
- OWASP Foundation web repository☆32Updated 3 months ago
- A comprehensive knowledge base for security professionals to keep track of and build defenses against API attack techniques.☆43Updated 7 months ago
- A curated list of cloud pentesting resource, contains AWS, Azure, Google Cloud☆118Updated 2 years ago
- 🧮 An online calculator to assess the risk of web vulnerabilities based on OWASP Risk Assessment☆158Updated 3 years ago