OWASP / owasp-istg
The IoT Security Testing Guide (ISTG) provides a comprehensive methodology for penetration tests in the IoT field, offering flexibility to adapt innovations, and developments in the IoT market while still ensuring comparability of test results.
β99Updated 6 months ago
Alternatives and similar repositories for owasp-istg:
Users that are interested in owasp-istg are comparing it to the libraries listed below
- Create notes during a security code review in VSCode π Import your favorite SAST tool findings π οΈ and collaborate with others π€β133Updated 2 weeks ago
- β174Updated 3 months ago
- LLM Testing Findings Templatesβ70Updated last year
- β114Updated last year
- A research project to add some brrrrrr to Burpβ154Updated 2 months ago
- CSPTPlayground is an open-source playground to find and exploit Client-Side Path Traversal (CSPT).β115Updated 2 weeks ago
- This is a RSS feed collection for all the InfoSec Content Creatorsβ32Updated last year
- GCP GOAT is the vulnerable application for learn the GCP Securityβ64Updated last year
- A collection of Turbo Intruder scripts.β58Updated 2 months ago
- β77Updated last year
- My personal collection of resources (mostly tools and training materials) for source code security audits.β73Updated 8 months ago
- A OWASP Based Checklist With 80+ Test Casesβ141Updated 2 years ago
- HASH (HTTP Agnostic Software Honeypot)β138Updated 11 months ago
- QRFuzz, a fuzzing toolkit to test malicious QR Codes in mobile applicationsβ45Updated 11 months ago
- Search engine for CTF writeups with instant results.β132Updated last month
- Repository with some necessary information for you to create your PenTest consultancyβ96Updated 3 months ago
- A collection of Active Directory, phishing, mobile technology, system, service, web application, and wireless technology weaknesses that β¦β244Updated 2 years ago
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagramsβ103Updated 2 months ago
- Downloads Information from NIST (CVSS), first.org (EPSS), and CISA (Exploited Vulnerabilities) and combines them into one list. Reports fβ¦β141Updated 2 years ago
- This repo contains the code for my secure code review challengesβ113Updated 2 weeks ago
- The Arcanum Prompt Injection Taxonomyβ59Updated this week
- A tool for scanning public or private AMIs for sensitive files and secrets. The tool follows the research made on AWS CloudQuarry where wβ¦β106Updated 5 months ago
- β35Updated 3 weeks ago
- boostsecurityio/lotpβ123Updated last week
- A tool to keep AWS pentests and red teams efficient, organized, and stealthy.β91Updated last year
- Certainly is a offensive security toolkit to capture large amounts of traffic in various network protocols in bitflip and typosquat scenaβ¦β182Updated 7 months ago
- Collection of writeups on ICS/SCADA security.β169Updated 3 weeks ago
- FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application aβ¦β157Updated 5 months ago
- SignSaboteur is a Burp Suite extension for editing, signing, verifying various signed web tokensβ156Updated 4 months ago
- an extension for Burp Suite to allow researchers to utilize GPT for analys is of HTTP requests and responsesβ105Updated last year