OWASP / www-project-devsecops-verification-standardLinks
OWASP Foundation Web Respository
☆45Updated last month
Alternatives and similar repositories for www-project-devsecops-verification-standard
Users that are interested in www-project-devsecops-verification-standard are comparing it to the libraries listed below
Sorting:
- DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…☆101Updated 2 years ago
- ☆61Updated 8 months ago
- GCP GOAT is the vulnerable application for learn the GCP Security☆70Updated 8 months ago
- Ansible/Vagrant/Packer files to create a virtual machine with the tooling needed to perform cloud security assessments☆141Updated last year
- ☆192Updated 9 months ago
- MetaHub is an automated contextual security findings enrichment and impact evaluation tool for vulnerability management.☆176Updated 2 months ago
- This repo contains IOC, malware and malware analysis associated with Public cloud☆249Updated last year
- A tool to keep AWS pentests and red teams efficient, organized, and stealthy.☆96Updated last month
- Cloud Offensive Breach and Risk Assessment (COBRA) Tool☆102Updated 2 weeks ago
- OWASP Foundation Web Respository☆101Updated last month
- APIsec|SCAN - Free API security testing using Github actions☆103Updated last year
- GCPGoat : A Damn Vulnerable GCP Infrastructure☆428Updated last year
- ☆185Updated last week
- An experimental project using LLM technology to generate security documentation for Open Source Software (OSS) projects☆34Updated 11 months ago
- Public repository of all things cloud security.☆47Updated last year
- 🧮 An online calculator to assess the risk of web vulnerabilities based on OWASP Risk Assessment☆163Updated 4 years ago
- A full insecure kubernetes application for testing security tools☆90Updated 3 months ago
- This provides a guided step by step walkthrough for threat modeling with MITRE ATT&CK Framework☆30Updated last month
- A Risk-Based Prioritization Taxonomy for prioritizing CVEs (Common Vulnerabilities and Exposures).☆83Updated last year
- ☆114Updated 2 years ago
- A simple script which implements different Cognito attacks such as Account Oracle or Priviledge Escalation☆109Updated last year
- A tool for scanning public or private AMIs for sensitive files and secrets. The tool follows the research made on AWS CloudQuarry where w…☆113Updated last year
- An AWS IAM Privilege Escalation Path Library☆113Updated last week
- An AWS IAM policy statement parser and query tool.☆197Updated last week
- Summaries, transcripts, key points, and other useful insights from fwd:cloudsec 2025 talks for those of us who don't have time to watch e…☆85Updated 7 months ago
- A guide to simplify the process of evaluating Datadog's Cloud SIEM security capabilities to detect AWS threats.☆19Updated 2 years ago
- Enriching the NVD CVSS scores to include Temporal & Threat Metrics☆215Updated this week
- KaiMonkey provides vulnerable infrastructure as code (IaC) to help explore and understand common cloud security threats exposed via IaC.☆105Updated 2 years ago
- Halberd : Multi-Cloud Agentic Attack Tool☆334Updated 3 weeks ago
- Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. …☆68Updated 7 months ago