OWASP / wrongsecrets

Related projects ⓘ

Alternatives and complementary repositories for wrongsecrets

• OWASP / DevSecOpsGuideline
  The OWASP DevSecOps Guideline can help us to embedding security as a part of the development pipeline.
  ☆846Updated 3 months ago
• erev0s / VAmPI
  Vulnerable REST API with OWASP top 10 vulnerabilities for security testing
  ☆918Updated 2 months ago
• Checkmarx / capital
  A built-to-be-vulnerable API application based on the OWASP top 10 API vulnerabilities. Use c{api}tal to learn, train and exploit API Sec…
  ☆274Updated 6 months ago
• OWASP / crAPI
  completely ridiculous API (crAPI)
  ☆1,111Updated this week
• devsecopsmaturitymodel / DevSecOps-MaturityModel
  ☆491Updated 3 weeks ago
• iknowjason / Awesome-CloudSec-Labs
  Awesome free cloud native security learning labs. Includes CTF, self-hosted workshops, guided vulnerability labs, and research labs.
  ☆1,426Updated last week
• tldrsec / awesome-secure-defaults
  Awesome secure by default libraries to help you eliminate bug classes!
  ☆668Updated last week
• hysnsec / awesome-threat-modelling
  A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for …
  ☆1,399Updated 3 months ago
• tcosolutions / betterscan
  Code Scanning/SAST/Static Analysis/Linting using many tools/Scanners with One Report (Code, IaC) - Betterscan
  ☆811Updated this week
• OWASP / threat-dragon
  An open source threat modeling tool from OWASP
  ☆930Updated this week
• Funkmyster / awesome-cloud-security
  A curated list of awesome cloud security blogs, podcasts, standards, projects, and examples.
  ☆579Updated last year
• TalEliyahu / Threat_Model_Examples
  Collection of Threat Models
  ☆381Updated 2 years ago
• TupleType / awesome-cicd-attacks
  Practical resources for offensive CI/CD security research. Curated the best resources I've seen since 2021.
  ☆486Updated last week
• psiinon / open-source-web-scanners
  A list of open source web security scanners
  ☆947Updated last month
• mazen160 / secrets-patterns-db
  Secrets Patterns DB: The largest open-source Database for detecting secrets, API keys, passwords, tokens, and more.
  ☆1,041Updated 9 months ago
• BishopFox / cloudfox
  Automating situational awareness for cloud penetration tests.
  ☆1,930Updated 3 weeks ago
• jassics / security-interview-questions
  Security interview questions with possible explanation for roles in AppSec, Pentesting, Cloud Security, DevSecOps, Network Security and s…
  ☆298Updated last month
• Hacking-the-Cloud / hackingthe.cloud
  An encyclopedia for offensive and defensive security knowledge in cloud native technologies.
  ☆1,706Updated this week
• ine-labs / AzureGoat
  AzureGoat : A Damn Vulnerable Azure Infrastructure
  ☆779Updated last week
• cider-security-research / top-10-cicd-security-risks
  ☆399Updated last year
• x1trap / websec-answers
  Websec interview questions by tib3rius answered
  ☆301Updated 11 months ago
• myugan / awesome-docker-security
  📚 A curated list of awesome Docker security resources
  ☆641Updated last week
• krol3 / container-security-checklist
  Checklist for container security - devsecops practices
  ☆1,521Updated last year
• pop3ret / AWSome-Pentesting
  My cheatsheet notes to pentest AWS infrastructure
  ☆655Updated 2 years ago
• praetorian-inc / gato
  GitHub Actions Pipeline Enumeration and Attack Tool
  ☆567Updated 2 months ago
• pushsecurity / saas-attacks
  Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threa…
  ☆1,183Updated 3 weeks ago
• OWASP / www-project-kubernetes-top-ten
  OWASP Foundation Web Respository
  ☆565Updated 9 months ago
• HackTricks-wiki / hacktricks-cloud
  ☆577Updated this week
• BishopFox / cloudfoxable
  Create your own vulnerable by design AWS penetration testing playground
  ☆328Updated 5 months ago
• Threagile / threagile
  Agile Threat Modeling Toolkit
  ☆614Updated this week