softwaresecured / secure-code-review-checklist
A starter secure code review checklist
☆178Updated 5 years ago
Related projects ⓘ
Alternatives and complementary repositories for secure-code-review-checklist
- Some good resources for getting started with application security☆135Updated 3 years ago
- vulnerable OAuth 2.0 applications: understand the security implications of your OAuth 2.0 decisions.☆306Updated 7 months ago
- GraphQL security workshop labs☆102Updated 4 months ago
- ☆181Updated last year
- Purposely vulnerable Java application to help lead secure coding workshops☆169Updated 4 months ago
- A tool geared towards pentesting APIs using OpenAPI definitions.☆168Updated 2 years ago
- Damn Vulnerable Java (EE) Application☆130Updated 9 months ago
- Repo for all the OWASP-SKF Docker lab examples☆440Updated 3 months ago
- All Things Bug Bounty☆110Updated 2 years ago
- The Pixi module is a MEAN Stack web app with wildly insecure APIs!☆112Updated last year
- Stuff done in preparation for AWAE course and OSWE certification☆151Updated 4 years ago
- OWASP Code Review Guide Web Repository☆122Updated 2 years ago
- This repository will contain all trainings and tutorials I have done/read to prepare for OSWE / AWAE.☆236Updated 5 years ago
- ☆121Updated 3 years ago
- BurpSuite Extension: A one-stop pen testing checklist and logger tool☆263Updated last year
- A Broken Application - Very Vulnerable!☆131Updated last week
- Awesome information for WebSockets security research☆252Updated 2 years ago
- materials we hand out☆138Updated last month
- Methodology for high-quality web application security testing - https://github.com/tprynn/web-methodology/wiki☆203Updated 2 weeks ago
- This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes …☆252Updated 2 years ago
- A script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated.☆483Updated last year
- GraphQL security testing tool☆117Updated 2 years ago
- Damn Vulnerable Cloud Application☆187Updated 6 years ago
- API Fuzzer which allows to fuzz request attributes using common pentesting techniques and lists vulnerabilities☆387Updated 7 years ago
- A simple web app with a XXE vulnerability.☆225Updated 3 years ago
- Intentionally Vulnerable Serverless Functions to understand the specifics of Serverless Security Vulnerabilities☆135Updated last year
- Tarpit - A Web application seeded with vulnerabilities, rootkits, backdoors & data leaks☆76Updated 2 years ago
- ☆175Updated 2 weeks ago
- SSRF testing tool☆241Updated last year
- Imperva's customizable API attack tool takes an API specification as an input, generates and runs attacks that are based on it as an outp…☆457Updated last year