Presentations, training modules, and other education materials from Duo Security's Application Security team.
☆76Jul 15, 2021Updated 4 years ago
Alternatives and similar repositories for appsec-education
Users that are interested in appsec-education are comparing it to the libraries listed below
Sorting:
- The command-line client for Journal☆12Oct 26, 2024Updated last year
- Tools to automate AWS Cloud security assessments☆24Mar 26, 2020Updated 5 years ago
- Reapsaw is a continuous security devsecops tool, which helps in enabling security into CI/CD Pipeline. It supports coverage for multiple …☆41Sep 23, 2020Updated 5 years ago
- Common code, such as validators and mixins, that are shared between ActiveModels in metasploit-framework and ActiveRecords in metasploit_…☆14May 2, 2025Updated 10 months ago
- goSDL☆522Nov 3, 2025Updated 4 months ago
- Posture Attribute Collection and Evaluation☆23Jun 20, 2023Updated 2 years ago
- ☆139Mar 29, 2023Updated 2 years ago
- Download all the HIBP passwords☆12Apr 6, 2023Updated 2 years ago
- Kantega Web Application Security Hero Challenge☆19Dec 3, 2020Updated 5 years ago
- A set of tools that allow researchers to experiment with certificate chain validation issues☆13Dec 4, 2019Updated 6 years ago
- References, tools and sample payloads☆11Sep 16, 2016Updated 9 years ago
- CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.☆11Oct 29, 2018Updated 7 years ago
- Automatically decompile APK's using Docker☆24May 8, 2020Updated 5 years ago
- Core incident handling plugins for aws_ir cli, incident pony, and more.☆21Jul 7, 2018Updated 7 years ago
- Unit testing framework for test driven security of AWS, GCP, Heroku and more.☆108Jan 22, 2026Updated last month
- a skribbl wordlist for computery teams☆10May 3, 2020Updated 5 years ago
- A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns by leveraging Windows Events and Sys…☆12Apr 13, 2017Updated 8 years ago
- This is both a terrible and wonderful idea.☆12Oct 2, 2019Updated 6 years ago
- F-Secure Lightweight Acqusition for Incident Response (FLAIR)☆16Jul 5, 2021Updated 4 years ago
- Lambda job in Python to automatically deploy Inspector agent to newly-launched EC2 instances☆30Jan 14, 2026Updated last month
- materials we hand out☆147Jul 17, 2025Updated 7 months ago
- A small tool to help developers understand a huge set of security requirements from appsec teams☆46Sep 2, 2022Updated 3 years ago
- Interactive IPython Notebook to demonstrate OWASP ZAP's API and Scripting Functions - OWASP ZAP 2.8.0☆41Dec 8, 2022Updated 3 years ago
- DEPRECATED - web security checklist for Firefox Services☆78Jan 6, 2021Updated 5 years ago
- python tools to assist in penetration testing☆14Jan 19, 2026Updated last month
- dbling: The Chrome OS Forensic Toolset☆13Oct 27, 2020Updated 5 years ago
- generate lookalike domains using a few simple techniques (homoglyphs, alt TLDs, prefix/suffix)☆34Sep 15, 2023Updated 2 years ago
- Segment's Threat Modeling training for our engineers☆245May 4, 2021Updated 4 years ago
- ☆36Apr 29, 2025Updated 10 months ago
- OpenCSPM Community Controls☆14May 18, 2021Updated 4 years ago
- AWS Backup implementation in terraform☆13Feb 8, 2020Updated 6 years ago
- Security Champions Playbook v 2.1☆392Sep 25, 2023Updated 2 years ago
- Cybersecurity Incidents Mind Maps☆34Sep 29, 2021Updated 4 years ago
- threatspec - continuous threat modeling, through code☆379Dec 30, 2020Updated 5 years ago
- OWASP Cloud Security - Enabling conversations through threat and control stories☆182Dec 7, 2018Updated 7 years ago
- Report Generation from the Carbon Black REST API☆15Mar 24, 2022Updated 3 years ago
- OpenDXL Broker is an open source version of a Data Exchange Layer (DXL) broker☆14Feb 11, 2024Updated 2 years ago
- A tool to discover bygonessl vulnerabilities using the facebook API☆20Oct 2, 2019Updated 6 years ago
- A Security Scanner for Go☆26Feb 11, 2019Updated 7 years ago