OWASP / www-project-dependency-check
OWASP Foundation Web Respository
☆14Updated 4 months ago
Related projects ⓘ
Alternatives and complementary repositories for www-project-dependency-check
- Burp extension to detect alias traversal via NGINX misconfiguration at scale.☆51Updated 2 years ago
- Rules for Bearer SAST☆23Updated 3 weeks ago
- Adds extensibility to Burp by using a list of payloads to pattern match on HTTP responses highlighting interesting and potentially vulner…☆15Updated last year
- All-in-one plugin for Burp Suite for the detection and the exploitation of Java deserialization vulnerabilities☆26Updated 2 years ago
- A collection of various scripts and automations to simplify Checkmarx SAST and IAST setup and use☆14Updated 6 years ago
- A Common Weakness Enumeration (CWE) Node.js SDK compliant with MITRE / CAPEC☆33Updated 2 weeks ago
- A collection of my Semgrep rules☆47Updated last year
- Dependency Combobulator☆88Updated 10 months ago
- ☆22Updated 2 years ago
- My custom semgrep rules☆18Updated 4 years ago
- ☆69Updated 3 years ago
- Manual JavaScript Linting is a Bug☆49Updated 3 years ago
- Collection of python helper API's for interacting with LGTM.com in ways the official API doesn't support.☆23Updated 2 years ago
- A Burp extension to show the Collaborator client in a tab☆36Updated last year
- Parse OpenAPI specifications, previously known as Swagger specifications, into the BurpSuite for automating RESTful API testing – approve…☆40Updated 8 months ago
- Burp Suite extension to passively scan for applications revealing server error messages☆11Updated last year
- Script to test open Akamai ARL vulnerability.☆70Updated 3 years ago
- A very vulnerable implementation of a GraphQL API.☆57Updated 2 years ago
- Jekyll Files for cloudsecwiki.com☆49Updated 3 years ago
- Paramalyzer - Burp extension for parameter analysis of large-scale web application penetration tests.☆29Updated 2 years ago
- ☆78Updated 6 months ago
- YSOSERIAL Integration with burp suite☆40Updated 2 years ago
- A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.☆55Updated 2 months ago
- ☆29Updated 6 months ago
- ☆13Updated 6 months ago
- Fork of https://github.com/PortSwigger/param-miner for header smuggling research☆12Updated 2 years ago
- Proof-of-concept CORS exploitation tool.☆34Updated 5 years ago
- Scrap Latest Information Security Resources☆31Updated 3 years ago
- ☆55Updated 3 years ago
- Looking for JAR files that are vulnerable to Log4j RCE (CVE‐2021‐44228)?☆44Updated 2 years ago