shenril / owasp-asvs-checklist

Related projects: ⓘ

• Santandersecurityresearch / asvs
  A simple web app that helps developers understand the ASVS requirements.
  ☆153Updated 6 months ago
• BlazingWind / OWASP-ASVS-4.0-testing-guide
  ☆118Updated 10 months ago
• owasp-cloud-security / owasp-cloud-security
  OWASP Cloud Security - Enabling conversations through threat and control stories
  ☆175Updated 5 years ago
• we45 / ThreatPlaybook
  A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestrat…
  ☆271Updated last week
• OWASP / Maturity-Models
  Node application to help managing Maturity Models like the ones created by BSIMM and OpenSAMM
  ☆185Updated 6 years ago
• OWASP / threat-model-cookbook
  This project is about creating and publishing threat model examples.
  ☆402Updated 2 years ago
• absoluteappsec / handouts
  materials we hand out
  ☆127Updated last week
• OWASP / samm
  SAMM stands for Software Assurance Maturity Model.
  ☆396Updated 2 years ago
• threatspec / threatspec
  threatspec - continuous threat modeling, through code
  ☆327Updated 3 years ago
• OWASP / owasp-summit-2017
  Content for OWASP Summit 2017 site
  ☆126Updated 3 years ago
• edgeroute / security-champion-framework
  The Security Champion Framework provides both a measuring stick and a roadmap generator for Champion Programs.
  ☆102Updated 8 months ago
• c0rdis / security-champions-playbook
  Security Champions Playbook v 2.1
  ☆341Updated 11 months ago
• segmentio / threat-modeling-training
  Segment's Threat Modeling training for our engineers
  ☆233Updated 3 years ago
• OWASP / RiskAssessmentFramework
  The Secure Coding Framework
  ☆258Updated 4 years ago
• Autodesk / continuous-threat-modeling
  A Continuous Threat Modeling methodology
  ☆303Updated 2 years ago
• RhinoSecurityLabs / Swagger-EZ
  A tool geared towards pentesting APIs using OpenAPI definitions.
  ☆167Updated last year
• iriusrisk / Community
  IriusRisk Community
  ☆62Updated last year
• jeevan-singh / Security-Engineering-Training
  ☆30Updated 3 years ago
• OWASP / user-security-stories
  Repo to hold mapping of user-security-stories
  ☆112Updated 5 years ago
• OWASP / Container-Security-Verification-Standard
  Container Security Verification Standard
  ☆57Updated 5 years ago
• Toreon / threat-model-playbook
  ☆77Updated 3 years ago
• sk4ddy / remediatetheflag
  ☆101Updated this week
• mike-goodwin / owasp-threat-dragon
  An open source, online threat modelling tool from OWASP
  ☆481Updated 2 months ago
• sethlaw / sputr
  Security Payload Unit Test Repository (SPUTR)
  ☆86Updated last year
• product-security-group / Security_Ladders
  Open source security career ladders
  ☆114Updated last year
• NetsOSS / headless-burp
  Automate security tests using Burp Suite.
  ☆222Updated 3 months ago
• RhinoSecurityLabs / GCPBucketBrute
  A script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated.
  ☆476Updated last year
• DevSlop / Pixi
  The Pixi module is a MEAN Stack web app with wildly insecure APIs!
  ☆110Updated last year
• aparsons / bag-of-holding
  An application to assist in the organization and prioritization of software security activities.
  ☆134Updated 3 years ago
• magoo / ato-checklist
  A checklist of practices for organizations dealing with account takeover (ATO)
  ☆261Updated 3 years ago