koenbuyens / oauth-2.0-security-cheat-sheet
oauth security guidelines
☆218Updated 5 years ago
Related projects: ⓘ
- Purposely vulnerable Java application to help lead secure coding workshops☆164Updated 2 months ago
- A starter secure code review checklist☆175Updated 5 years ago
- ☆173Updated 6 months ago
- vulnerable OAuth 2.0 applications: understand the security implications of your OAuth 2.0 decisions.☆305Updated 5 months ago
- Damn Vulnerable Java (EE) Application☆129Updated 7 months ago
- Damn Vulnerable Cloud Application☆183Updated 6 years ago
- The Pixi module is a MEAN Stack web app with wildly insecure APIs!☆110Updated last year
- OWASP Code Review Guide Web Repository☆119Updated 2 years ago
- A built-to-be-vulnerable API application based on the OWASP top 10 API vulnerabilities. Use c{api}tal to learn, train and exploit API Sec…☆269Updated 5 months ago
- DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raider☆138Updated 3 years ago
- Fetch the details of assets hosted on AWS.☆85Updated 9 months ago
- Burp Suite Extension useful to verify OAUTHv2 and OpenID security☆169Updated 3 months ago
- A step-by-step walkthrough of CloudGoat 2.0 scenarios.☆132Updated 4 years ago
- GraphQL security workshop labs☆100Updated 2 months ago
- ☆178Updated last year
- The OWASP DevSecOps Guideline explains how we can implement a secure pipeline and use best practices and introduce tools that we can use …☆58Updated 3 months ago
- Tarpit - A Web application seeded with vulnerabilities, rootkits, backdoors & data leaks☆75Updated 2 years ago
- 🖇️ STRIDE vs. ASVS equivalence table☆74Updated 3 weeks ago
- Some good resources for getting started with application security☆133Updated 3 years ago
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams☆95Updated 7 months ago
- Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝☆127Updated last year
- API Security Project aims to present unique attack & defense methods in API Security field☆280Updated 2 years ago
- The Security Champion Framework provides both a measuring stick and a roadmap generator for Champion Programs.☆102Updated 8 months ago
- This repository is in progress, it will keep updating as I come across to new learning materials. Feel free to contribute.☆223Updated 2 years ago
- Script to audit GitHub Action Workflow files for potential vulnerabilities.☆147Updated 3 weeks ago
- S3 Account Search☆234Updated 3 months ago
- GraphQL threat framework used by security professionals to research security gaps in GraphQL implementations☆274Updated 9 months ago
- Burp Suite Extension useful to verify OAUTHv2 and OpenID security☆183Updated last year
- Awesome resources about Security in Kubernetes☆40Updated last year
- Awesome information for WebSockets security research☆244Updated 2 years ago