OWASP ASVS checklist for audits
☆214Jan 5, 2024Updated 2 years ago
Alternatives and similar repositories for owasp-asvs-checklist
Users that are interested in owasp-asvs-checklist are comparing it to the libraries listed below
Sorting:
- OWASP Application Security Verification Standard 4.0 Checklist☆33Apr 15, 2019Updated 6 years ago
- OWASP ASVS Assessment Tool☆28Nov 6, 2018Updated 7 years ago
- A simple web app that helps developers understand the ASVS requirements. Now supporting ASVS 5.0☆163Nov 25, 2025Updated 3 months ago
- Python tool for exploiting CVE-2021-35616☆11Dec 3, 2021Updated 4 years ago
- ☆124Nov 8, 2023Updated 2 years ago
- Kantega Web Application Security Hero Challenge☆19Dec 3, 2020Updated 5 years ago
- Extract Juniper firewall usernames and hashes and put into a John the Ripper format for cracking☆13Jul 4, 2014Updated 11 years ago
- Windows Privesc Check - PowerShell☆67Apr 22, 2022Updated 3 years ago
- Tools to work with vulnerability standards.☆19Mar 19, 2014Updated 11 years ago
- ☆14Dec 3, 2022Updated 3 years ago
- A Pythonic wrapper to MassDNS☆24Mar 21, 2018Updated 7 years ago
- The Secure Coding Practices Quick-reference Guide from OWASP☆44Aug 13, 2025Updated 6 months ago
- Evil snippets of Underhanded Red Team tactics☆11Jul 5, 2017Updated 8 years ago
- ZAP scripts to implement ASVS L1 checking☆17Apr 28, 2022Updated 3 years ago
- Scans for the MS17-010 vulnerability and drops the alert into slack.☆15May 23, 2017Updated 8 years ago
- Various shell code I have written☆17Oct 9, 2020Updated 5 years ago
- Semgrep rules corresponding to the OWASP ASVS standard☆27Nov 2, 2020Updated 5 years ago
- Vulnerable Linux socket game for educational purposes☆22Apr 22, 2017Updated 8 years ago
- Post-exploitation scripts for OS X persistence and privesc☆73Apr 12, 2017Updated 8 years ago
- This burpsuite extender provides a solution on testing Enterprise applications that involve security Authorization tokens into every HTTP…☆47Feb 27, 2019Updated 7 years ago
- Fingerprint a web app using local files as the fingerprint sources☆38May 16, 2017Updated 8 years ago
- MoneyX is an intentionally vulnerable JSP application used for training developers in application security concepts.☆31May 10, 2016Updated 9 years ago
- ☆20Jan 18, 2022Updated 4 years ago
- Checklist intended to be used as a baseline for assessing, designing, and testing the security of a MAM (Application Wrapping) solution☆20Sep 2, 2015Updated 10 years ago
- Security Knowledge Framework (SKF) Python Flask / Angular project☆827Mar 12, 2024Updated last year
- Terraform configuration to build a Burp Private Collaborator Server☆25Nov 7, 2017Updated 8 years ago
- Simple implementation of an AppSec Pipeline using the Gasp library☆13Sep 8, 2019Updated 6 years ago
- Automated System Hardening (ash-windows) is a Salt formula to apply SCAP benchmarks to Windows systems☆20Mar 2, 2026Updated last week
- Sonicwall Firewall decoder, username, password hash extract. Formats into John the Ripper☆25Jul 4, 2014Updated 11 years ago
- ☆41May 16, 2018Updated 7 years ago
- Weape-Wireless-EAP-Extractor☆29Sep 1, 2013Updated 12 years ago
- REST/JSON interface to Burp Suite☆33Oct 12, 2020Updated 5 years ago
- ☆23Feb 9, 2018Updated 8 years ago
- Because I can't find scripts to do this anywhere else...☆26Dec 27, 2016Updated 9 years ago
- Demos for several kubernetes security features☆64Jan 9, 2025Updated last year
- Pragmatic Network Security for Cloud and Hybrid Networks☆10Nov 24, 2015Updated 10 years ago
- Kubernetes Kubelet RCE Automated Script. Utilizes both "run" and "exec" debug handlers.☆10Sep 28, 2020Updated 5 years ago
- Training materials I've written.☆11Nov 11, 2025Updated 3 months ago
- The Security Champion Framework provides both a measuring stick and a roadmap generator for Champion Programs.☆110Jan 16, 2024Updated 2 years ago