softwaresecured / secure-code-review-checklistLinks
A starter secure code review checklist
☆182Updated 6 years ago
Alternatives and similar repositories for secure-code-review-checklist
Users that are interested in secure-code-review-checklist are comparing it to the libraries listed below
Sorting:
- ☆188Updated 2 years ago
- A tool geared towards pentesting APIs using OpenAPI definitions.☆176Updated 2 years ago
- vulnerable OAuth 2.0 applications: understand the security implications of your OAuth 2.0 decisions.☆316Updated last year
- The Pixi module is a MEAN Stack web app with wildly insecure APIs!☆126Updated 2 years ago
- GraphQL security workshop labs☆111Updated last month
- Some good resources for getting started with application security☆142Updated 4 years ago
- Stuff done in preparation for AWAE course and OSWE certification☆152Updated 4 years ago
- Awesome information for WebSockets security research☆272Updated 3 years ago
- Damn Vulnerable Java (EE) Application☆138Updated last year
- ☆194Updated 7 months ago
- BurpSuite Extension: A one-stop pen testing checklist and logger tool☆266Updated 2 years ago
- ☆250Updated 11 months ago
- Repo for all the SKF Docker lab examples☆452Updated 10 months ago
- Parse OpenAPI documents into Burp Suite for automating OpenAPI-based APIs security assessments (approved by PortSwigger for inclusion in …☆200Updated last year
- Methodology for high-quality web application security testing - https://github.com/tprynn/web-methodology/wiki☆209Updated 7 months ago
- ☆131Updated 4 years ago
- ☆173Updated 4 years ago
- Research on GraphQL from an AppSec point of view.☆415Updated 2 years ago
- GraphQL security testing tool☆122Updated 3 years ago
- All Things Bug Bounty☆115Updated 3 years ago
- Security Testing Scripts for JWT☆314Updated 2 years ago
- This repository will contain all trainings and tutorials I have done/read to prepare for OSWE / AWAE.☆240Updated 5 years ago
- A built-to-be-vulnerable API application based on the OWASP top 10 API vulnerabilities. Use c{api}tal to learn, train and exploit API Sec…☆292Updated last year
- qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.☆301Updated 2 years ago
- A Broken Application - Very Vulnerable!☆162Updated this week
- SSRF testing tool☆244Updated 2 years ago
- Damn Vulnerable Cloud Application☆192Updated 6 years ago
- The Burp extension to check JWT (JSON Web Tokens) for using keys from known from public sources☆132Updated 4 years ago
- This repository is in progress, it will keep updating as I come across to new learning materials. Feel free to contribute.☆222Updated 2 years ago
- Purposely vulnerable Java application to help lead secure coding workshops☆181Updated 11 months ago