semgrep-old/rules-owasp-asvs external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

semgrep-old/rules-owasp-asvs

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/semgrep-old/rules-owasp-asvs)

Close

semgrep-old / rules-owasp-asvsView on GitHubMore

• External links
• Readme badge

Semgrep rules corresponding to the OWASP ASVS standard

☆27Nov 2, 2020Updated 5 years ago

Alternatives and similar repositories for rules-owasp-asvs

Users that are interested in rules-owasp-asvs are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• YaleUniversity / ZAP_ASVS_Checks

  View on GitHub
  ZAP scripts to implement ASVS L1 checking
  ☆17Apr 28, 2022Updated 4 years ago
• SecurityRiskAdvisors / Burp-Load-Balancer-Cookie-Scanner

  View on GitHub
  Burp extension to find and decode BigIP and Netscaler cookies
  ☆15Jul 20, 2018Updated 7 years ago
• Swordfish-Security / Checkmarx-Custom-Query-Rules

  View on GitHub
  ☆15Sep 30, 2020Updated 5 years ago
• kondukto-io / semgrep-rules

  View on GitHub
  Custom semgrep rules registry
  ☆14Aug 23, 2022Updated 3 years ago
• j3ssie / curated-semgrep-rules

  View on GitHub
  Curated Collection of Popular Community Rules for Semgrep
  ☆19Dec 27, 2023Updated 2 years ago
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• oss-review-toolkit / ort-ci-gitlab

  View on GitHub
  Use ORT in your GitLab pipelines
  ☆15Nov 11, 2025Updated 6 months ago
• BlazingWind / OWASP-ASVS-4.0-testing-guide

  View on GitHub
  ☆125Nov 8, 2023Updated 2 years ago
• thehackerish / GWTab

  View on GitHub
  BurpSuite extension that helps find user input in a GWT body.
  ☆12May 29, 2020Updated 5 years ago
• hashicorp-forge / semgrep-rules

  View on GitHub
  HashiCorp-relevant rules for the Semgrep code analysis tool
  ☆42Oct 3, 2023Updated 2 years ago
• uchi-mata / awesome-cloud-security

  View on GitHub
  My collection of Cloud Security Resources
  ☆16Apr 16, 2025Updated last year
• tiburon-security / sriracha-iq

  View on GitHub
  Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threa…
  ☆18Apr 10, 2020Updated 6 years ago
• guyinatuxedo / real_hacker_hours

  View on GitHub
  ☆22Dec 1, 2021Updated 4 years ago
• TheManyHatsClub-CTF / TheManyHatsClubCTF

  View on GitHub
  Challenges for the TheManyHatsClub CTF
  ☆11May 1, 2023Updated 3 years ago
• gdgd009xcd / CustomActiveScanForZAP

  View on GitHub
  a ZAPROXY Addon ActiveScan for detecting SQL injection with more better way.
  ☆18May 13, 2026Updated last week
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• RedTeamOperations / GoogleWorkspaceDirectoryDump

  View on GitHub
  ☆19Jul 9, 2022Updated 3 years ago
• SecObserve / secobserve_actions_templates

  View on GitHub
  GitHub actions and GitLab CI templates run various vulnerability scanners, upload the results into SecObserve and make the results of the…
  ☆29May 14, 2026Updated last week
• blackhatethicalhacking / lsassy

  View on GitHub
  Extract credentials from lsass remotely
  ☆16Jan 3, 2020Updated 6 years ago
• iosifache / semgrep-rules-manager

  View on GitHub
  Manager of 14 third-party sources comprising approximately 4,000 Semgrep rules 🗂
  ☆110Dec 24, 2025Updated 5 months ago
• nmmapper / censys-subdomain-finder-non-api

  View on GitHub
  Using censys to find subdomains but without the APIs just scrapping
  ☆16May 13, 2020Updated 6 years ago
• xebis-legacy / repository-template

  View on GitHub
  Highly automated, up-to-date, and well-documented repository template. Checks for common problems, Markdown, YAML, Bash, formats, lints, …
  ☆16Jan 1, 2024Updated 2 years ago
• google / acjs

  View on GitHub
  ☆11Dec 19, 2024Updated last year
• trailofbits / semgrep-rules

  View on GitHub
  Semgrep queries developed by Trail of Bits.
  ☆514May 7, 2026Updated 2 weeks ago
• eloquence / help.wtf

  View on GitHub
  cheatsheets for life
  ☆13Jan 22, 2026Updated 4 months ago
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• hahwul / xssmaze

  View on GitHub
  XSSMaze is a web service designed to test and improve the performance of security testing tools by providing various cases of XSS vulnera…
  ☆32May 16, 2026Updated last week
• devoteam-cybertrust / android

  View on GitHub
  Repository with research related to Android
  ☆13Jul 17, 2018Updated 7 years ago
• OWASP / threat-modeling-playbook

  View on GitHub
  ☆37Mar 8, 2022Updated 4 years ago
• OpenSecuritySummit / oss-website

  View on GitHub
  The Open Security Summit is focused on the collaboration between, Developers and Application Security
  ☆45Jul 9, 2025Updated 10 months ago
• secf00tprint / payloadtester_lfi_rfi

  View on GitHub
  LFI/RFI Payload Tests Project
  ☆37Oct 21, 2019Updated 6 years ago
• ikoz / cert-pinning-flaw-poc

  View on GitHub
  Simple script for testing CVE-2016-2402 and similar flaws
  ☆13Mar 30, 2016Updated 10 years ago
• bao7uo / waf-cookie-fetcher

  View on GitHub
  WAF Cookie Fetcher is a Burp Suite extension written in Python, which uses a headless browser to obtain the values of WAF-injected cookie…
  ☆16Jan 16, 2018Updated 8 years ago
• v-p-b / DangerousPHPFunctions

  View on GitHub
  Growing list of potentially dangerous PHP functions
  ☆52May 1, 2019Updated 7 years ago
• akhil-reni / xsstutorial

  View on GitHub
  ☆11Jun 19, 2024Updated last year
• Bare Metal GPUs on DigitalOcean Gradient AI • Ad
  Purpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
• Coalfire-Research / LambProxy

  View on GitHub
  HTTP Proxy using Amazon Lambda for source IP cycling
  ☆15Apr 6, 2021Updated 5 years ago
• yeokm1 / nus-soc-print

  View on GitHub
  An Android application that prints office documents and PDF files to Unix printers in NUS School Of Computing via SSH
  ☆16Oct 2, 2015Updated 10 years ago
• we45 / container_training

  View on GitHub
  Container Security and Serverless Training
  ☆13Dec 8, 2022Updated 3 years ago
• Sam0rai / guilty-as-yara

  View on GitHub
  ☆30Oct 13, 2025Updated 7 months ago
• Bearer / bearer-rules

  View on GitHub
  Rules for Bearer SAST
  ☆40Mar 26, 2026Updated 2 months ago
• Zeyad-Azima / Need-IP

  View on GitHub
  A tool for Pentesters & BugHunters to collect IPs of company, server, Operating System & many more
  ☆13Dec 20, 2022Updated 3 years ago
• ariya / esmorph

  View on GitHub
  ECMAScript source modification tool
  ☆63Feb 6, 2016Updated 10 years ago