veracode / verademo
A deliberately insecure Java web application
☆36Updated last month
Related projects ⓘ
Alternatives and complementary repositories for verademo
- Vulnerable Java based Web Application☆31Updated 5 years ago
- Externalize Java application access to protected resources as log messages.☆41Updated 5 months ago
- Secure Coding Rules for Java☆30Updated last month
- Damn Vulnerable Java (EE) Application☆130Updated 9 months ago
- Safelog4j is an instrumentation-based security tool to help teams discover, verify, and solve log4shell vulnerabilities without scanning …☆41Updated 4 months ago
- flask-webgoat is a deliberately-vulnerable application written with the Flask web framework.☆19Updated 4 months ago
- Vendor-Neutral Security Tool Automation Controller (over REST)☆29Updated 5 years ago
- ☆32Updated last year
- Repository to showcase various configuration recipes with various technologies☆35Updated last year
- A tool for auditing medical devices and healthcare infrastructure☆21Updated last year
- Sample exploits of common vulnerabilities in Java librarires☆23Updated 10 months ago
- Java Observability Toolkit☆61Updated 5 months ago
- A collection of my Semgrep rules☆47Updated last year
- Plattform to develop and experiment with existing java web attacks.☆31Updated 6 years ago
- Semgrep rules corresponding to the OWASP ASVS standard☆27Updated 4 years ago
- ☆31Updated 4 years ago
- Docs: Vulnerability management aggregation of AppSec & OpSec (Tools Listing)☆30Updated last year
- ☆30Updated 2 years ago
- Purposely vulnerable Java application to help lead secure coding workshops☆168Updated 4 months ago
- The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters☆98Updated 10 months ago
- (aka Kotlin Goat) - an intentionally vulnerable Kotlin application☆33Updated 6 months ago
- An extension for BurpSuite that highlights SSO messages in Burp's proxy window..☆117Updated 3 years ago
- Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. …☆55Updated 4 months ago
- An insecure example application (Java)☆32Updated last week
- IriusRisk Community☆62Updated last year
- docker-compose bringing up multiple vulnerable applications inside containers.☆18Updated 6 years ago
- ☆13Updated 6 months ago
- A Java Web Application with common legacy security flaws for tests with Arachni Scanner and ModSecurity☆21Updated 4 months ago
- Vulnerable webapp testbed☆20Updated 8 years ago
- Reference architecture and proof of concept implementation for supply chain security gateway☆23Updated last year