OWASP/user-security-stories external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

OWASP/user-security-stories

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/OWASP/user-security-stories)

Close

OWASP / user-security-storiesView on GitHubMore

• External links
• Readme badge

Repo to hold mapping of user-security-stories

☆120Nov 28, 2018Updated 7 years ago

Alternatives and similar repositories for user-security-stories

Users that are interested in user-security-stories are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• GovReady / security-stories-nist800-53

  View on GitHub
  A collection of security related user stories compatible with NIST Special Publication 800-53
  ☆38Mar 14, 2017Updated 9 years ago
• mario-platt / ASVS-Agile-Delivery-Guide

  View on GitHub
  ☆35May 13, 2021Updated 4 years ago
• CloudSecurityAlliance-WG / wg-DevSecOps

  View on GitHub
  DevSecOps Working Group
  ☆12Sep 24, 2019Updated 6 years ago
• OWASP / Maturity-Models

  View on GitHub
  Node application to help managing Maturity Models like the ones created by BSIMM and OpenSAMM
  ☆195Aug 27, 2018Updated 7 years ago
• OWASP / glue

  View on GitHub
  Application Security Automation
  ☆527Sep 5, 2023Updated 2 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
• OWASP / Cloud-Native-Application-Security-Top-10

  View on GitHub
  ☆21Sep 25, 2018Updated 7 years ago
• franksec42 / Vulnerability-management-maturity

  View on GitHub
  Maturity Model Collaborative project
  ☆15Feb 27, 2023Updated 3 years ago
• we45 / ThreatPlaybook

  View on GitHub
  A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestrat…
  ☆281Feb 17, 2026Updated last month
• rusakovichma / TicTaaC

  View on GitHub
  Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. …
  ☆70Jun 25, 2025Updated 9 months ago
• pumasecurity / puma-prey

  View on GitHub
  Puma Prey contains vulnerable .NET target applications to test the Puma Scan rules against. This project contains Web Forms, MVC5, and Co…
  ☆21Aug 26, 2025Updated 7 months ago
• opendevsecops / terraform-aws-scanner

  View on GitHub
  Terraform module which provides easy to configure AWS environment for running automated security scanning solutions at scheduled interval…
  ☆46Jan 29, 2019Updated 7 years ago
• Toreon / threat-model-playbook

  View on GitHub
  ☆88Jul 28, 2021Updated 4 years ago
• fedoraredteam / red-container

  View on GitHub
  ☆12Mar 7, 2018Updated 8 years ago
• OWASP / www-project-secure-coding-dojo

  View on GitHub
  OWASP Foundation Web Repository
  ☆13Oct 9, 2025Updated 5 months ago
• DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• sethlaw / sputr

  View on GitHub
  Security Payload Unit Test Repository (SPUTR)
  ☆87Feb 18, 2026Updated last month
• appsecpipeline / AppSecPipeline-Specification

  View on GitHub
  AppSecPipeline Specification for DevOps automation.
  ☆40Dec 8, 2022Updated 3 years ago
• PacktPublishing / Practical-Web-Penetration-Testing

  View on GitHub
  Practical Web Penetration Testing, published by Packt
  ☆25Jan 30, 2023Updated 3 years ago
• faloker / purify

  View on GitHub
  All-in-one tool for managing vulnerability reports from AppSec pipelines
  ☆108Jan 11, 2023Updated 3 years ago
• Mixeway / MixewayBackend

  View on GitHub
  Mixeway is security orchestrator for vulnerability scanners which enable easy plug in integration with CICD pipelines. MixewayBackend pro…
  ☆17Sep 26, 2024Updated last year
• iknowjason / hammer

  View on GitHub
  An example of a mis-configured Rails application release under MIT license.
  ☆21Jan 19, 2023Updated 3 years ago
• duo-labs / appsec-education

  View on GitHub
  Presentations, training modules, and other education materials from Duo Security's Application Security team.
  ☆76Jul 15, 2021Updated 4 years ago
• geoffrey-hill-tutamantic / rapid-threat-model-prototyping-docs

  View on GitHub
  This repository stores content that can be used to design a Rapid Threat Model Prototyping process for a software development group.
  ☆165Mar 14, 2023Updated 3 years ago
• shehackspurple / TTT-Pushing-Left

  View on GitHub
  This repository will teach you have to do my talk "Pushing Left, Like a Boss".
  ☆71Jan 1, 2022Updated 4 years ago
• DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• iriusrisk / startleft

  View on GitHub
  StartLeft is an automation tool for generating Threat Models written in the Open Threat Model (OTM) format from a variety of different so…
  ☆54Mar 4, 2026Updated 3 weeks ago
• OWASP / www-project-defectdojo

  View on GitHub
  OWASP Foundation Web Respository
  ☆14Oct 4, 2025Updated 5 months ago
• Autodesk / continuous-threat-modeling

  View on GitHub
  A Continuous Threat Modeling methodology
  ☆324Jun 24, 2022Updated 3 years ago
• stelligent / aws-devsecops-workshop

  View on GitHub
  A continuous security pipeline demo for the AWS DevSecOps Workshop.
  ☆45Jan 7, 2020Updated 6 years ago
• ossf / foundation

  View on GitHub
  OpenSSF Governance and Legal Docs
  ☆76Sep 9, 2025Updated 6 months ago
• hp271 / awesome-dev-first-security

  View on GitHub
  A curated collection of tools and resources for building security with a developer first approach.
  ☆30Jul 29, 2022Updated 3 years ago
• owasp-cloud-security / owasp-cloud-security

  View on GitHub
  OWASP Cloud Security - Enabling conversations through threat and control stories
  ☆182Dec 7, 2018Updated 7 years ago
• Whitespots-OU / security-requirements-generator

  View on GitHub
  A small tool to help developers understand a huge set of security requirements from appsec teams
  ☆46Sep 2, 2022Updated 3 years ago
• OWASP / owasp-summit-2017

  View on GitHub
  Content for OWASP Summit 2017 site
  ☆129Nov 12, 2020Updated 5 years ago
• DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• OWASP / WebGoat.NET

  View on GitHub
  OWASP WebGoat.NET
  ☆73Aug 20, 2015Updated 10 years ago
• freedomofpress / threat-modeling

  View on GitHub
  experimental threat modeling tools
  ☆14Oct 7, 2022Updated 3 years ago
• redshiftzero / awesome-threat-modeling

  View on GitHub
  a curated list of useful threat modeling resources
  ☆148Jun 28, 2024Updated last year
• we45 / ZAP-Mini-Workshop

  View on GitHub
  Interactive IPython Notebook to demonstrate OWASP ZAP's API and Scripting Functions - OWASP ZAP 2.8.0
  ☆41Dec 8, 2022Updated 3 years ago
• OWASP / pytm

  View on GitHub
  A Pythonic framework for threat modeling
  ☆1,113Mar 16, 2026Updated last week
• MMquant / DNSweeper

  View on GitHub
  Asynchronous public DNS auditing tool
  ☆11May 22, 2023Updated 2 years ago
• mhausenblas / awsometag

  View on GitHub
  A tool to tag AWS resources in a unified manner
  ☆11Jan 10, 2020Updated 6 years ago