semgrep-old/rules-owasp-asvs external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

semgrep-old/rules-owasp-asvs

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/semgrep-old/rules-owasp-asvs)

Close

semgrep-old / rules-owasp-asvsView on GitHubMore

• External links
• Readme badge

Semgrep rules corresponding to the OWASP ASVS standard

☆27Nov 2, 2020Updated 5 years ago

Alternatives and similar repositories for rules-owasp-asvs

Users that are interested in rules-owasp-asvs are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• YaleUniversity / ZAP_ASVS_Checks

  View on GitHub
  ZAP scripts to implement ASVS L1 checking
  ☆17Apr 28, 2022Updated 4 years ago
• kondukto-io / semgrep-rules

  View on GitHub
  Custom semgrep rules registry
  ☆14Aug 23, 2022Updated 3 years ago
• j3ssie / curated-semgrep-rules

  View on GitHub
  Curated Collection of Popular Community Rules for Semgrep
  ☆20Dec 27, 2023Updated 2 years ago
• oss-review-toolkit / ort-ci-gitlab

  View on GitHub
  Use ORT in your GitLab pipelines
  ☆15Nov 11, 2025Updated 7 months ago
• BlazingWind / OWASP-ASVS-4.0-testing-guide

  View on GitHub
  ☆125Nov 8, 2023Updated 2 years ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• vmnguyen / semgrep-rules

  View on GitHub
  My custom semgrep rules
  ☆23Sep 13, 2020Updated 5 years ago
• mllamazares / STRIDE-vs-ASVS

  View on GitHub
  🖇️ equivalence table between OWASP ASVS standard and STRIDE threat modeling methodology.
  ☆76Aug 22, 2024Updated last year
• hashicorp-forge / semgrep-rules

  View on GitHub
  HashiCorp-relevant rules for the Semgrep code analysis tool
  ☆42Oct 3, 2023Updated 2 years ago
• tiburon-security / sriracha-iq

  View on GitHub
  Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threa…
  ☆18Apr 10, 2020Updated 6 years ago
• gdgd009xcd / RequestRecorder

  View on GitHub
  A ZAPROXY Add-on that allows testing of web application vulnerabilities by recording complex multi-step sequences. You can test applica…
  ☆22May 14, 2025Updated last year
• semgrep / semgrep-rules

  View on GitHub
  Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.
  ☆1,182Updated this week
• gdgd009xcd / CustomActiveScanForZAP

  View on GitHub
  a ZAPROXY Addon ActiveScan for detecting SQL injection with more better way.
  ☆18Jun 7, 2026Updated last week
• RedTeamOperations / GoogleWorkspaceDirectoryDump

  View on GitHub
  ☆19Jul 9, 2022Updated 3 years ago
• blackhatethicalhacking / lsassy

  View on GitHub
  Extract credentials from lsass remotely
  ☆16Jan 3, 2020Updated 6 years ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• nmmapper / censys-subdomain-finder-non-api

  View on GitHub
  Using censys to find subdomains but without the APIs just scrapping
  ☆16May 13, 2020Updated 6 years ago
• TypeError / reflect

  View on GitHub
  OWASP ZAP add-on to detect reflected parameter vulnerabilities efficiently
  ☆12Feb 19, 2021Updated 5 years ago
• spyd3r / owasp-asvs-github

  View on GitHub
  ☆18Apr 21, 2020Updated 6 years ago
• google / acjs

  View on GitHub
  ☆11Dec 19, 2024Updated last year
• trailofbits / semgrep-rules

  View on GitHub
  Semgrep queries developed by Trail of Bits.
  ☆514May 7, 2026Updated last month
• eloquence / help.wtf

  View on GitHub
  cheatsheets for life
  ☆13Jan 22, 2026Updated 4 months ago
• city-mobil / common_security_pipeline

  View on GitHub
  GitLab CI security tools runner
  ☆18Feb 3, 2023Updated 3 years ago
• elttam / semgrep-rules

  View on GitHub
  ☆244Jun 3, 2026Updated last week
• OWASP / threat-modeling-playbook

  View on GitHub
  ☆38Mar 8, 2022Updated 4 years ago
• Proton VPN Special Offer - Get 70% off • Ad
  Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
• OpenSecuritySummit / oss-website

  View on GitHub
  The Open Security Summit is focused on the collaboration between, Developers and Application Security
  ☆45Jul 9, 2025Updated 11 months ago
• secf00tprint / payloadtester_lfi_rfi

  View on GitHub
  LFI/RFI Payload Tests Project
  ☆37Oct 21, 2019Updated 6 years ago
• ikoz / cert-pinning-flaw-poc

  View on GitHub
  Simple script for testing CVE-2016-2402 and similar flaws
  ☆13Mar 30, 2016Updated 10 years ago
• bao7uo / waf-cookie-fetcher

  View on GitHub
  WAF Cookie Fetcher is a Burp Suite extension written in Python, which uses a headless browser to obtain the values of WAF-injected cookie…
  ☆16Jan 16, 2018Updated 8 years ago
• v-p-b / DangerousPHPFunctions

  View on GitHub
  Growing list of potentially dangerous PHP functions
  ☆52May 1, 2019Updated 7 years ago
• andrewbeard / broworkshop

  View on GitHub
  Materials for the BSides NoVA/Charleston 2018 Bro Workshop
  ☆14Jun 4, 2025Updated last year
• akhil-reni / xsstutorial

  View on GitHub
  ☆11Jun 19, 2024Updated last year
• Coalfire-Research / LambProxy

  View on GitHub
  HTTP Proxy using Amazon Lambda for source IP cycling
  ☆15Apr 6, 2021Updated 5 years ago
• we45 / container_training

  View on GitHub
  Container Security and Serverless Training
  ☆13Dec 8, 2022Updated 3 years ago
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• SerpicoProject / SerpicoPlugins

  View on GitHub
  Plugins for the Serpico Project
  ☆23Dec 4, 2018Updated 7 years ago
• ropbear / CLMBypass

  View on GitHub
  Bypass Constrained Language Mode in PowerShell
  ☆30May 21, 2019Updated 7 years ago
• imrannissar / awk-and-sed

  View on GitHub
  commands
  ☆27Nov 5, 2020Updated 5 years ago
• jgrahamc / wtickle

  View on GitHub
  Small program to run requests against a web server and look for problems
  ☆11Jan 20, 2016Updated 10 years ago
• gadoi / AutoNSE

  View on GitHub
  Massive NSE (Nmap Scripting Engine) AutoSploit and AutoScanner
  ☆13Apr 25, 2018Updated 8 years ago
• phefley / burp-javascript-security-extension

  View on GitHub
  A Burp Suite extension which performs checks for cross-domain scripting against the DOM, subresource integrity checks, and evaluates Java…
  ☆27Mar 23, 2022Updated 4 years ago
• woj-ciech / Awake

  View on GitHub
  Bug Bounty Monitor
  ☆15Nov 23, 2020Updated 5 years ago