A simple web app that helps developers understand the ASVS requirements. Now supporting ASVS 5.0
☆164Nov 25, 2025Updated 3 months ago
Alternatives and similar repositories for asvs
Users that are interested in asvs are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆125Nov 8, 2023Updated 2 years ago
- ☆21Sep 25, 2018Updated 7 years ago
- OWASP ASVS checklist for audits☆215Jan 5, 2024Updated 2 years ago
- A curated collection of security tools, frameworks, and resources for Enumeration, Cloud Security, Static Analysis, Threat Intelligence, …☆21Dec 2, 2025Updated 3 months ago
- ☆22Jan 6, 2022Updated 4 years ago
- Yet Another SCA tool☆13Nov 10, 2022Updated 3 years ago
- ☆20Jan 18, 2022Updated 4 years ago
- drHEADer helps with the audit of security headers received in response to a single request or a list of requests.☆111Jan 8, 2025Updated last year
- We borrow the concept of 'personas' from UX/service design and apply it to threat actors to improve understanding between security, techn…☆11Jun 17, 2020Updated 5 years ago
- OWASP Application Security Verification Standard 4.0 Checklist☆33Apr 15, 2019Updated 6 years ago
- ☆69Jul 18, 2025Updated 8 months ago
- 🖇️ equivalence table between OWASP ASVS standard and STRIDE threat modeling methodology.☆76Aug 22, 2024Updated last year
- Node application to help managing Maturity Models like the ones created by BSIMM and OpenSAMM☆195Aug 27, 2018Updated 7 years ago
- Systematic Universal Security Testing Orchestration☆37Mar 28, 2022Updated 3 years ago
- Pin designs for security related items☆37Feb 16, 2026Updated last month
- The Outlook HTML Leak Test Project☆41May 12, 2018Updated 7 years ago
- Application Security Verification Standard☆3,373Updated this week
- OWASP Foundation Web Respository☆19Dec 22, 2025Updated 3 months ago
- Attack Tree modeling sheet for Dia☆20Oct 9, 2018Updated 7 years ago
- REST/JSON interface to Burp Suite☆33Oct 12, 2020Updated 5 years ago
- Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature☆25Apr 19, 2017Updated 8 years ago
- Python script to check GitHub accounts for world-editable wiki pages☆21May 8, 2023Updated 2 years ago
- SAMM stands for Software Assurance Maturity Model.☆398May 17, 2022Updated 3 years ago
- Agile Threat Modeling Toolkit☆736Mar 12, 2026Updated last week
- SubdomainDB is a simple self-hosted API that allows you to maintain your own subdomain database.☆31Jan 8, 2018Updated 8 years ago
- An extension for BurpSuite that highlights SSO messages in Burp's proxy window..☆120Apr 26, 2021Updated 4 years ago
- Maturity Model Collaborative project☆15Feb 27, 2023Updated 3 years ago
- ☆35May 13, 2021Updated 4 years ago
- OWASP Threat Dragon core files☆29May 15, 2021Updated 4 years ago
- The command-line client for Journal☆12Oct 26, 2024Updated last year
- Reapsaw is a continuous security devsecops tool, which helps in enabling security into CI/CD Pipeline. It supports coverage for multiple …☆41Sep 23, 2020Updated 5 years ago
- Security Champions Playbook v 2.1☆392Sep 25, 2023Updated 2 years ago
- Scripts and auxiliary files for fuzzing PHP's unserialize function☆46Aug 13, 2017Updated 8 years ago
- A Frida MCP server to enable autonomous AI assistance for Android instrumentation☆35Feb 8, 2026Updated last month
- Cracker for Apache.lang.commons RandomStringUtils(). Code for "The Java Soothsayer" talk at EkoParty 2017 by Alejo Popovici.☆33Mar 13, 2018Updated 8 years ago
- A tool for analyzing the attack surface of an application☆19Mar 5, 2025Updated last year
- ☆74Sep 30, 2020Updated 5 years ago
- An open source, online threat modelling tool from OWASP☆484Jul 18, 2025Updated 8 months ago
- Provide some tips to handle Injection into application code (OWASP TOP 10 - A1).☆10Nov 11, 2020Updated 5 years ago