softwaresecured / secure-code-review-checklistLinks
A starter secure code review checklist
☆182Updated 6 years ago
Alternatives and similar repositories for secure-code-review-checklist
Users that are interested in secure-code-review-checklist are comparing it to the libraries listed below
Sorting:
- Some good resources for getting started with application security☆142Updated 4 years ago
- vulnerable OAuth 2.0 applications: understand the security implications of your OAuth 2.0 decisions.☆316Updated last year
- The Pixi module is a MEAN Stack web app with wildly insecure APIs!☆126Updated 2 years ago
- A tool geared towards pentesting APIs using OpenAPI definitions.☆177Updated 2 years ago
- Repo for all the SKF Docker lab examples☆453Updated 10 months ago
- ☆188Updated 2 years ago
- BurpSuite Extension: A one-stop pen testing checklist and logger tool☆266Updated 2 years ago
- Damn Vulnerable Java (EE) Application☆139Updated last year
- Methodology for high-quality web application security testing - https://github.com/tprynn/web-methodology/wiki☆209Updated 7 months ago
- This repository will contain all trainings and tutorials I have done/read to prepare for OSWE / AWAE.☆242Updated 5 years ago
- OWASP Code Review Guide Web Repository☆136Updated 3 years ago
- Damn Vulnerable Cloud Application☆193Updated 6 years ago
- All Things Bug Bounty☆115Updated 3 years ago
- Purposely vulnerable Java application to help lead secure coding workshops☆182Updated last year
- GraphQL security workshop labs☆112Updated 2 weeks ago
- Stuff done in preparation for AWAE course and OSWE certification☆152Updated 4 years ago
- materials we hand out☆146Updated 2 months ago
- Automatically exported from code.google.com/p/domxsswiki☆537Updated 7 years ago
- Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"☆353Updated 4 years ago
- A step-by-step walkthrough of CloudGoat 2.0 scenarios.☆134Updated 5 years ago
- Parse OpenAPI documents into Burp Suite for automating OpenAPI-based APIs security assessments (approved by PortSwigger for inclusion in …☆200Updated last year
- API Fuzzer which allows to fuzz request attributes using common pentesting techniques and lists vulnerabilities☆397Updated 7 years ago
- A simple SSRF-testing sheriff written in Go☆327Updated 7 months ago
- This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes …☆259Updated 2 years ago
- ☆130Updated 4 years ago
- ☆80Updated 3 years ago
- Tarpit - A Web application seeded with vulnerabilities, rootkits, backdoors & data leaks☆79Updated 2 years ago
- ☆196Updated 7 months ago
- Presentations, training modules, and other education materials from Duo Security's Application Security team.☆74Updated 3 years ago
- Continuous monitoring for JavaScript files☆220Updated 5 years ago