A simple web app that helps developers understand the ASVS requirements. Now supporting ASVS 5.0
☆163Nov 25, 2025Updated 3 months ago
Alternatives and similar repositories for asvs
Users that are interested in asvs are comparing it to the libraries listed below
Sorting:
- ☆124Nov 8, 2023Updated 2 years ago
- ☆21Sep 25, 2018Updated 7 years ago
- OWASP ASVS checklist for audits☆214Jan 5, 2024Updated 2 years ago
- This Is Indian Country - Spring 2018 Instance☆12Apr 30, 2018Updated 7 years ago
- We borrow the concept of 'personas' from UX/service design and apply it to threat actors to improve understanding between security, techn…☆11Jun 17, 2020Updated 5 years ago
- A curated collection of security tools, frameworks, and resources for Enumeration, Cloud Security, Static Analysis, Threat Intelligence, …☆21Dec 2, 2025Updated 3 months ago
- Kantega Web Application Security Hero Challenge☆19Dec 3, 2020Updated 5 years ago
- Cracker for Apache.lang.commons RandomStringUtils(). Code for "The Java Soothsayer" talk at EkoParty 2017 by Alejo Popovici.☆33Mar 13, 2018Updated 7 years ago
- ☆20Jan 18, 2022Updated 4 years ago
- drHEADer helps with the audit of security headers received in response to a single request or a list of requests.☆112Jan 8, 2025Updated last year
- ☆22Jan 6, 2022Updated 4 years ago
- A Continuous Threat Modeling methodology☆324Jun 24, 2022Updated 3 years ago
- Yet Another SCA tool☆13Nov 10, 2022Updated 3 years ago
- Pin designs for security related items☆37Feb 16, 2026Updated 2 weeks ago
- ☆69Jul 18, 2025Updated 7 months ago
- Python script to check GitHub accounts for world-editable wiki pages☆21May 8, 2023Updated 2 years ago
- 🖇️ equivalence table between OWASP ASVS standard and STRIDE threat modeling methodology.☆76Aug 22, 2024Updated last year
- Node application to help managing Maturity Models like the ones created by BSIMM and OpenSAMM☆195Aug 27, 2018Updated 7 years ago
- Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature☆25Apr 19, 2017Updated 8 years ago
- Demonstrates how a malicious dependency could negatively impact the build output.☆25Aug 11, 2023Updated 2 years ago
- An extension for BurpSuite that highlights SSO messages in Burp's proxy window..☆120Apr 26, 2021Updated 4 years ago
- A tool for analyzing the attack surface of an application☆19Mar 5, 2025Updated 11 months ago
- Proof of concept implementation of fuzzing workload using AFL as the fuzzer and Terraform to codify infrastructure☆31Aug 22, 2019Updated 6 years ago
- This is a small extension to make graphql readable☆30Dec 14, 2018Updated 7 years ago
- My solutions to Matasano Cryptopals challenge.☆30Nov 2, 2014Updated 11 years ago
- Application Security Verification Standard☆3,350Updated this week
- Scripts and auxiliary files for fuzzing PHP's unserialize function☆46Aug 13, 2017Updated 8 years ago
- OWASP Application Security Verification Standard 4.0 Checklist☆33Apr 15, 2019Updated 6 years ago
- Agile Threat Modeling Toolkit☆725Nov 20, 2025Updated 3 months ago
- SubdomainDB is a simple self-hosted API that allows you to maintain your own subdomain database.☆31Jan 8, 2018Updated 8 years ago
- INACTIVE - Collection of Tools & Procedures for double checking GitHub configurations☆137May 9, 2024Updated last year
- VyAPI - A cloud based vulnerable hybrid Android App☆86Feb 21, 2020Updated 6 years ago
- ☆74Sep 30, 2020Updated 5 years ago
- Repository which contains a set of examples used in real phishing emails. Numerous parts of these examples will be highlighted to illustr…☆17Aug 18, 2021Updated 4 years ago
- This extension replaces the default repeater tab name with the URL path of the repeater request.☆24Sep 3, 2021Updated 4 years ago
- Systematic Universal Security Testing Orchestration☆37Mar 28, 2022Updated 3 years ago
- Windows PowerShell enumeration toolset for analyzing system configurations.☆22Apr 30, 2019Updated 6 years ago
- Code Pulse is a real-time code coverage tool for penetration testing activities☆122Dec 7, 2022Updated 3 years ago
- Reapsaw is a continuous security devsecops tool, which helps in enabling security into CI/CD Pipeline. It supports coverage for multiple …☆41Sep 23, 2020Updated 5 years ago