semgrep-old/rules-owasp-asvs external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

semgrep-old/rules-owasp-asvs

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/semgrep-old/rules-owasp-asvs)

Close

semgrep-old / rules-owasp-asvsView on GitHubMore

• External links
• Readme badge

Semgrep rules corresponding to the OWASP ASVS standard

☆27Nov 2, 2020Updated 5 years ago

Alternatives and similar repositories for rules-owasp-asvs

Users that are interested in rules-owasp-asvs are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• YaleUniversity / ZAP_ASVS_Checks

  View on GitHub
  ZAP scripts to implement ASVS L1 checking
  ☆17Apr 28, 2022Updated 4 years ago
• SecurityRiskAdvisors / Burp-Load-Balancer-Cookie-Scanner

  View on GitHub
  Burp extension to find and decode BigIP and Netscaler cookies
  ☆15Jul 20, 2018Updated 7 years ago
• Swordfish-Security / Checkmarx-Custom-Query-Rules

  View on GitHub
  ☆14Sep 30, 2020Updated 5 years ago
• kondukto-io / semgrep-rules

  View on GitHub
  Custom semgrep rules registry
  ☆14Aug 23, 2022Updated 3 years ago
• oss-review-toolkit / ort-ci-gitlab

  View on GitHub
  Use ORT in your GitLab pipelines
  ☆15Nov 11, 2025Updated 5 months ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• BlazingWind / OWASP-ASVS-4.0-testing-guide

  View on GitHub
  ☆125Nov 8, 2023Updated 2 years ago
• vmnguyen / semgrep-rules

  View on GitHub
  My custom semgrep rules
  ☆23Sep 13, 2020Updated 5 years ago
• sensepost / x11-active-displays

  View on GitHub
  Checks X11 and outputs a screenshot to of the display if allowed and the display is active
  ☆23Dec 12, 2016Updated 9 years ago
• uchi-mata / awesome-cloud-security

  View on GitHub
  My collection of Cloud Security Resources
  ☆16Apr 16, 2025Updated last year
• tiburon-security / sriracha-iq

  View on GitHub
  Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threa…
  ☆18Apr 10, 2020Updated 6 years ago
• guyinatuxedo / real_hacker_hours

  View on GitHub
  ☆22Dec 1, 2021Updated 4 years ago
• semgrep / semgrep-rules

  View on GitHub
  Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.
  ☆1,142Updated this week
• gdgd009xcd / RequestRecorder

  View on GitHub
  A ZAPROXY Add-on that allows testing of web application vulnerabilities by recording complex multi-step sequences. You can test applica…
  ☆22May 14, 2025Updated 11 months ago
• JavanXD / Demo-Exploit-Jackson-RCE

  View on GitHub
  Exploiting CVE-2017-7525 demo project with Angular7 frontend and Spring.
  ☆18Feb 21, 2019Updated 7 years ago
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• snyk-labs / docker-goof

  View on GitHub
  A demo repo showcasing Snyk's Docker offering
  ☆35Aug 12, 2024Updated last year
• TheManyHatsClub-CTF / TheManyHatsClubCTF

  View on GitHub
  Challenges for the TheManyHatsClub CTF
  ☆11May 1, 2023Updated 3 years ago
• gdgd009xcd / CustomActiveScanForZAP

  View on GitHub
  a ZAPROXY Addon ActiveScan for detecting SQL injection with more better way.
  ☆18Jan 22, 2025Updated last year
• RedTeamOperations / GoogleWorkspaceDirectoryDump

  View on GitHub
  ☆19Jul 9, 2022Updated 3 years ago
• blackhatethicalhacking / lsassy

  View on GitHub
  Extract credentials from lsass remotely
  ☆16Jan 3, 2020Updated 6 years ago
• iosifache / semgrep-rules-manager

  View on GitHub
  Manager of 14 third-party sources comprising approximately 4,000 Semgrep rules 🗂
  ☆108Dec 24, 2025Updated 4 months ago
• nmmapper / censys-subdomain-finder-non-api

  View on GitHub
  Using censys to find subdomains but without the APIs just scrapping
  ☆16May 13, 2020Updated 5 years ago
• spyd3r / owasp-asvs-github

  View on GitHub
  ☆18Apr 21, 2020Updated 6 years ago
• google / acjs

  View on GitHub
  ☆11Dec 19, 2024Updated last year
• Bare Metal GPUs on DigitalOcean Gradient AI • Ad
  Purpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
• trailofbits / semgrep-rules

  View on GitHub
  Semgrep queries developed by Trail of Bits.
  ☆502Nov 12, 2025Updated 5 months ago
• tinchoabbate / ethernaut-ctf

  View on GitHub
  Solutions for Ethernaut CTF (https://ethernaut.openzeppelin.com) - Writeups at https://notonlyowner.com
  ☆11May 9, 2021Updated 4 years ago
• eloquence / help.wtf

  View on GitHub
  cheatsheets for life
  ☆13Jan 22, 2026Updated 3 months ago
• city-mobil / common_security_pipeline

  View on GitHub
  GitLab CI security tools runner
  ☆18Feb 3, 2023Updated 3 years ago
• devoteam-cybertrust / android

  View on GitHub
  Repository with research related to Android
  ☆13Jul 17, 2018Updated 7 years ago
• elttam / semgrep-rules

  View on GitHub
  ☆233Apr 24, 2026Updated last week
• OWASP / threat-modeling-playbook

  View on GitHub
  ☆36Mar 8, 2022Updated 4 years ago
• OpenSecuritySummit / oss-website

  View on GitHub
  The Open Security Summit is focused on the collaboration between, Developers and Application Security
  ☆45Jul 9, 2025Updated 9 months ago
• ikoz / cert-pinning-flaw-poc

  View on GitHub
  Simple script for testing CVE-2016-2402 and similar flaws
  ☆13Mar 30, 2016Updated 10 years ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• bao7uo / waf-cookie-fetcher

  View on GitHub
  WAF Cookie Fetcher is a Burp Suite extension written in Python, which uses a headless browser to obtain the values of WAF-injected cookie…
  ☆16Jan 16, 2018Updated 8 years ago
• v-p-b / DangerousPHPFunctions

  View on GitHub
  Growing list of potentially dangerous PHP functions
  ☆52May 1, 2019Updated 7 years ago
• andrewbeard / broworkshop

  View on GitHub
  Materials for the BSides NoVA/Charleston 2018 Bro Workshop
  ☆14Jun 4, 2025Updated 11 months ago
• akhil-reni / xsstutorial

  View on GitHub
  ☆11Jun 19, 2024Updated last year
• yeokm1 / nus-soc-print

  View on GitHub
  An Android application that prints office documents and PDF files to Unix printers in NUS School Of Computing via SSH
  ☆16Oct 2, 2015Updated 10 years ago
• c0nrad / caspr

  View on GitHub
  Content-Security-Policy report aggregator/analyzer
  ☆54May 29, 2020Updated 5 years ago
• emmeowzing / gitlabci-lint-pre-commit-hook

  View on GitHub
  A pre-commit hook that lints Gitlab CI configurations
  ☆20Mar 24, 2026Updated last month