koenbuyens / oauth-2.0-security-cheat-sheet
oauth security guidelines
☆223Updated 5 years ago
Alternatives and similar repositories for oauth-2.0-security-cheat-sheet:
Users that are interested in oauth-2.0-security-cheat-sheet are comparing it to the libraries listed below
- Purposely vulnerable Java application to help lead secure coding workshops☆179Updated 10 months ago
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams☆104Updated 2 months ago
- A starter secure code review checklist☆182Updated 6 years ago
- ☆189Updated 5 months ago
- vulnerable OAuth 2.0 applications: understand the security implications of your OAuth 2.0 decisions.☆316Updated last year
- Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝☆133Updated 3 weeks ago
- 🖇️ STRIDE vs. ASVS equivalence table☆76Updated 8 months ago
- Fetch the details of assets hosted on AWS.☆87Updated last year
- Damn Vulnerable Cloud Application☆193Updated 6 years ago
- A step-by-step walkthrough of CloudGoat 2.0 scenarios.☆134Updated 4 years ago
- OWASP Foundation Web Respository☆34Updated 7 months ago
- Damn Vulnerable Java (EE) Application☆138Updated last year
- DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raider☆139Updated 3 years ago
- Tarpit - A Web application seeded with vulnerabilities, rootkits, backdoors & data leaks☆79Updated 2 years ago
- OWASP Code Review Guide Web Repository☆132Updated 2 years ago
- Some good resources for getting started with application security☆142Updated 3 years ago
- The Pixi module is a MEAN Stack web app with wildly insecure APIs!☆125Updated 2 years ago
- Burp Suite extension that offers a toolkit for testing GraphQL endpoints.☆191Updated 8 months ago
- Script to audit GitHub Action Workflow files for potential vulnerabilities.☆154Updated 7 months ago
- The OWASP DevSecOps Guideline explains how we can implement a secure pipeline and use best practices and introduce tools that we can use …☆66Updated 10 months ago
- Unauthenticated enumeration of AWS, Azure, and GCP Principals☆224Updated 5 months ago
- Protect against subdomain takeover☆92Updated 11 months ago
- Intentionally Vulnerable Serverless Functions to understand the specifics of Serverless Security Vulnerabilities☆135Updated 2 years ago
- A built-to-be-vulnerable API application based on the OWASP top 10 API vulnerabilities. Use c{api}tal to learn, train and exploit API Sec…☆286Updated last year
- A curated list of awesome browser security learning material.☆141Updated 2 years ago
- ☆126Updated 9 months ago
- Burp Suite Extension useful to verify OAUTHv2 and OpenID security☆173Updated 5 months ago
- ☆123Updated last year
- A tool geared towards pentesting APIs using OpenAPI definitions.☆174Updated 2 years ago
- GraphQL security workshop labs☆104Updated 9 months ago