OWASP / wrongsecrets

Related projects ⓘ

Alternatives and complementary repositories for wrongsecrets

• cider-security-research / cicd-goat
  A deliberately vulnerable CI/CD environment. Learn CI/CD security through multiple challenges.
  ☆1,950Updated 4 months ago
• erev0s / VAmPI
  Vulnerable REST API with OWASP top 10 vulnerabilities for security testing
  ☆928Updated 3 months ago
• Checkmarx / capital
  A built-to-be-vulnerable API application based on the OWASP top 10 API vulnerabilities. Use c{api}tal to learn, train and exploit API Sec…
  ☆274Updated 7 months ago
• OWASP / crAPI
  completely ridiculous API (crAPI)
  ☆1,119Updated this week
• cider-security-research / top-10-cicd-security-risks
  ☆400Updated last year
• BishopFox / cloudfoxable
  Create your own vulnerable by design AWS penetration testing playground
  ☆331Updated 5 months ago
• OWASP / DevSecOpsGuideline
  The OWASP DevSecOps Guideline can help us to embedding security as a part of the development pipeline.
  ☆848Updated 4 months ago
• tldrsec / awesome-secure-defaults
  Awesome secure by default libraries to help you eliminate bug classes!
  ☆669Updated 3 weeks ago
• OWASP / www-project-kubernetes-top-ten
  OWASP Foundation Web Respository
  ☆566Updated 9 months ago
• OWASP / threat-dragon
  An open source threat modeling tool from OWASP
  ☆933Updated last week
• devsecopsmaturitymodel / DevSecOps-MaturityModel
  ☆494Updated this week
• Legit-Labs / legitify
  Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets
  ☆775Updated last week
• owasp-dep-scan / dep-scan
  OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for …
  ☆1,019Updated this week
• step-security / github-actions-goat
  GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment
  ☆443Updated last month
• TalEliyahu / Threat_Model_Examples
  Collection of Threat Models
  ☆383Updated 2 years ago
• iknowjason / Awesome-CloudSec-Labs
  Awesome free cloud native security learning labs. Includes CTF, self-hosted workshops, guided vulnerability labs, and research labs.
  ☆1,433Updated 2 weeks ago
• TupleType / awesome-cicd-attacks
  Practical resources for offensive CI/CD security research. Curated the best resources I've seen since 2021.
  ☆489Updated 3 weeks ago
• c0rdis / security-champions-playbook
  Security Champions Playbook v 2.1
  ☆350Updated last year
• BishopFox / cloudfox
  Automating situational awareness for cloud penetration tests.
  ☆1,955Updated last month
• krol3 / container-security-checklist
  Checklist for container security - devsecops practices
  ☆1,525Updated last year
• pop3ret / AWSome-Pentesting
  My cheatsheet notes to pentest AWS infrastructure
  ☆656Updated 2 years ago
• myugan / awesome-cicd-security
  A curated list of awesome CI CD security resources
  ☆524Updated 2 weeks ago
• roottusk / vapi
  vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.
  ☆1,178Updated last year
• ine-labs / AzureGoat
  AzureGoat : A Damn Vulnerable Azure Infrastructure
  ☆787Updated 3 weeks ago
• HackTricks-wiki / hacktricks-cloud
  ☆581Updated this week
• hysnsec / awesome-threat-modelling
  A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for …
  ☆1,407Updated 3 months ago
• mazen160 / secrets-patterns-db
  Secrets Patterns DB: The largest open-source Database for detecting secrets, API keys, passwords, tokens, and more.
  ☆1,046Updated 9 months ago
• praetorian-inc / gato
  GitHub Actions Pipeline Enumeration and Attack Tool
  ☆570Updated 3 months ago
• rung / threat-matrix-cicd
  Threat matrix for CI/CD Pipeline
  ☆739Updated 4 months ago
• CycodeLabs / raven
  CI/CD Security Analyzer
  ☆625Updated last month