semgrep-old / rules-owasp-asvsLinks
Semgrep rules corresponding to the OWASP ASVS standard
☆27Updated 4 years ago
Alternatives and similar repositories for rules-owasp-asvs
Users that are interested in rules-owasp-asvs are comparing it to the libraries listed below
Sorting:
- Presentations, training modules, and other education materials from Duo Security's Application Security team.☆75Updated 4 years ago
- ☆124Updated last year
- ☆66Updated last month
- 🖇️ STRIDE vs. ASVS equivalence table☆76Updated last year
- A step-by-step walkthrough of CloudGoat 2.0 scenarios.☆134Updated 5 years ago
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams☆105Updated 6 months ago
- AWS Security Checks☆40Updated 7 years ago
- Orchestron is an Application Vulnerability Management and Correlation Tool.Orchestron helps you solve one key problem "Find and fix vulne…☆31Updated 2 years ago
- Maturity Model Collaborative project☆15Updated 2 years ago
- ☆32Updated 2 years ago
- A small tool to help developers understand a huge set of security requirements from appsec teams☆46Updated 2 years ago
- The Open Security Summit is focused on the collaboration between, Developers and Application Security☆45Updated last month
- Jekyll Files for cloudsecwiki.com☆50Updated 3 years ago
- Manager of third-party sources of Semgrep rules 🗂☆87Updated last year
- materials we hand out☆147Updated last month
- IriusRisk Community☆66Updated last year
- The Security Champion Framework provides both a measuring stick and a roadmap generator for Champion Programs.☆108Updated last year
- A collection of my Semgrep rules☆49Updated 2 years ago
- MetaSec.js combines all the free open-source security tools to identify issues with JavaScript and automates the boring parts☆81Updated 2 years ago
- Python API library for DefectDojo☆42Updated 2 years ago
- Route53/CloudFront Vulnerability Assessment Utility☆86Updated last year
- Purposely vulnerable Java application to help lead secure coding workshops☆184Updated last year
- All-in-one tool for managing vulnerability reports from AppSec pipelines☆108Updated 2 years ago
- Application and Service Fingerprinting☆133Updated 2 years ago
- The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters☆63Updated 2 years ago
- Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. …☆66Updated last month
- ☆112Updated 2 years ago
- InfoSec OpenAI Examples☆19Updated last year
- ZAP scripts to implement ASVS L1 checking☆16Updated 3 years ago
- ☆35Updated 4 years ago