OWASP / www-project-security-champions-guidebook

Related projects: ⓘ

• rusakovichma / TicTaaC
  Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. …
  ☆54Updated 2 months ago
• OWASP / www-project-integration-standards
  OWASP Foundation Web Respository
  ☆26Updated 3 weeks ago
• OWASP / www-project-developer-guide
  OWASP Project Developer Guide - Document and Project Web pages
  ☆75Updated this week
• OWASP / www-project-devsecops-guideline
  The OWASP DevSecOps Guideline explains how we can implement a secure pipeline and use best practices and introduce tools that we can use …
  ☆58Updated 3 months ago
• owaspsamm / core
  Core model including reused documentation
  ☆85Updated last week
• edgeroute / security-champion-framework
  The Security Champion Framework provides both a measuring stick and a roadmap generator for Champion Programs.
  ☆102Updated 8 months ago
• OWASP / OpenCRE
  ☆76Updated this week
• vishalgarg-sec / Software-Supply-Chain-Security
  A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,…
  ☆123Updated 7 months ago
• OWASP / www-project-devsecops-verification-standard
  OWASP Foundation Web Respository
  ☆37Updated 2 weeks ago
• Security-Knowledge-Framework / Labs
  Monorepo of Labs for the Security Knowledge Framework (SKF)
  ☆29Updated last month
• SirAppSec / bsides-shadow-api
  This repository hosts several snippets and file related to the BsidesLV 2024 talk about Shadow and Zombie APIs by me
  ☆16Updated last month
• AdnaneKhan / Gato-X
  GitHub Attack Toolkit - Extreme Edition
  ☆151Updated this week
• doyensec / PESD-Exporter-Extension
  PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams
  ☆95Updated 7 months ago
• OpenSecuritySummit / oss-website
  The Open Security Summit is focused on the collaboration between, Developers and Application Security
  ☆44Updated this week
• InsiderPhD / InfoSecCreators
  This is a RSS feed collection for all the InfoSec Content Creators
  ☆30Updated 10 months ago
• JOSHUAJEBARAJ / GCP-GOAT
  GCP GOAT is the vulnerable application for learn the GCP Security
  ☆61Updated 11 months ago
• iriusrisk / startleft
  StartLeft is an automation tool for generating Threat Models written in the Open Threat Model (OTM) format from a variety of different so…
  ☆47Updated this week
• arnepadmos / threats
  An extensive list of resources related to threat modelling. Gotta catch ’em all!
  ☆30Updated 2 months ago
• jeremylong / malicious-dependencies
  Demonstrates how a malicious dependency could negatively impact the build output.
  ☆23Updated last year
• apisec-university / free-API-security-test-action
  APIsec|SCAN - Free API security testing using Github actions
  ☆91Updated 4 months ago
• theparanoids / PrioritizedRiskRemediation
  A Risk-Based Prioritization Taxonomy for prioritizing CVEs (Common Vulnerabilities and Exposures).
  ☆64Updated 4 months ago
• owaspsamm / sammwise
  NextJS-based single-page application for completing and reviewing SAMM assessments
  ☆67Updated last year
• DevSlop / Pixi
  The Pixi module is a MEAN Stack web app with wildly insecure APIs!
  ☆110Updated last year
• payatu / DVAPI
  Damn Vulnerable API
  ☆20Updated 4 months ago
• OWASP / www-project-code-review-guide
  OWASP Code Review Guide Web Repository
  ☆119Updated 2 years ago
• JavierOlmedo / OWASP-Calculator
  🧮 An online calculator to assess the risk of web vulnerabilities based on OWASP Risk Assessment
  ☆142Updated 3 years ago
• Toreon / threat-model-playbook
  ☆78Updated 3 years ago
• OWASP / www-project-asvs-security-evaluation-templates-with-nuclei
  OWASP ASVS Security Evaluation Templates with Nuclei
  ☆16Updated last week
• appsecco / dvcsharp-api
  Damn Vulnerable C# Application (API)
  ☆71Updated 2 months ago
• nccgroup / ccs
  ☆108Updated last year