Repository navigation

#

application-security

OWASP / CheatSheetSeries 

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

owaspCode安全cheatsheetsbest-practicesappsecapplication-security
Python
30401
19 小时前
chaitin/SafeLine
chaitin / SafeLine 

SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.

firewallhttp-flood安全sql-injectionwafweb-application-firewallweb-securityxsscaptchaAPIappsecCommon Vulnerabilities and Exposures (CVE)Cybersecurityhackersvulnerabilitywebsecurityapplication-securitybruteforceblueteam自托管
Go
18156
2 个月前
juice-shop/juice-shop
juice-shop / juice-shop 

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

owaspJavaScriptvulnerableHackingapplication-securityowasp-top-10owasp-top-tenpentestingvulnappappsecctfHacktoberfest24pullrequests安全
TypeScript
11747
17 小时前
OWASP/wstg
OWASP / wstg 

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

best-practicesguideowaspBug Bountypenetration-testingpentestingapplication-security安全HacktoberfestappsecHacking
Dockerfile
8413
4 天前
paragonie / awesome-appsec 

A curated list of resources for learning about application security

security-expertsreading-listcuratedapplication-security安全owasp
PHP
6676
7 个月前
urbanadventurer / WhatWeb 

Next generation web scanner

安全WebscannerRubypenetration-testingkali-linuxowasppenetration-testing-toolspenetration-testHackinghacking-toolsnetwork-securityReconnaissanceappsecapplication-securitypentestingpentesting-toolspentestweb-hacking
Ruby
6105
3 天前
jassics / security-study-plan 

Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...

aws-securitystudy-guidestudy-planappsecappsec-tutorialsazure-securitydevsecops-universitygcp-securitypentestingapplication-securityCybersecuritysecurity-testingapi-security
4709
2 个月前
payloadbox / command-injection-payload-list 

🎯 Command Injection Payload List

command-injectioninjection安全vulnerabilitypayload-listpayloadcommand操作系统UnixLinuxWindowsmacOSapplicationapplication-securityBug Bountysecurity-researchvulnerability-researchsecurity-testing
3549
1 年前
ComplianceAsCode / content 

Security automation content in SCAP, Bash, Ansible, and other formats

安全compliancepci-dssstigapplication-securitysecurity-hardeningsecurity-automationhardeningCybersecurityAnsible
Shell
2544
1 天前
s4n7h0 / xvwa 

XVWA is a badly coded web application written in PHP/MySQL that helps security enthusiasts to learn application security.

xvwaPHPapplication-securitylearning-appsecvulnerabilityknowledgeMySQL
PHP
1742
5 年前
metlo-labs / metlo 

Metlo is an open-source API security platform.

安全APIapi-securityapplication-securityCybersecurity监控vulnerabilitiesvulnerability-detectionmetloapi-pentestAmazon Web ServicesBug Bountybugbounty-toolsinfosectoolspentest
TypeScript
1727
2 个月前
harsh-bothra/learn365
harsh-bothra / learn365 

This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.

Bug BountycommunityCybersecurityvulnerabilitiesbugbountytipspentestingpentesting-toolslearningapplication-security
1671
3 年前
JakobTheDev/awesome-devsecops
JakobTheDev / awesome-devsecops 

Curating the best DevSecOps resources and tooling.

application-securityDevOpsdevsecopsAwesome ListsHacktoberfest
1574
1 年前
Safe3/uusec-waf
Safe3 / uusec-waf 

Industry-leading free, high-performance, AI and semantic technology Web Application Firewall and API Security Gateway (WAAP) - UUSEC WAF.

wafapplication-securityweb-application-firewallmodsecurityweb-security-gatewayAPIapi-securitywaap安全ddosowasphipsraspdata-maskxsssql-injectionuusecuusec-wafuuwafletsencrypt
Lua
1441
10 天前
openappsec / openappsec 

open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo include the main code and logic.

api-securityapplication-securityKubernetesnginxweb-application-firewallappsecdevsecopskongrate-limiting安全wafowaspowasp-top-ten
C++
1375
4 天前
m14r41 / PentestingEverything 

Penetration Testing For - Web | Mobile | API | Thick Client | Source Code Review | DevSecOps | Wireless | Network Pentesting, etc...

application-securityactive-directory-securityappsecdocker-securityforensic-analysisinfrastuctureiot-security-testingnetwork-securitysource-codethick-clientwifi-hacking
JavaScript
1330
1 个月前
user1342/Awesome-Android-Reverse-Engineering
user1342 / Awesome-Android-Reverse-Engineering 

A curated list of awesome Android Reverse Engineering training, resources, and tools.

Androidapplication-securityAwesome Listsmalware-analysis逆向工程工具trainingmobsec
1300
3 个月前
Janusec / janusec 

JANUSEC Application Gateway provides secure access, including reverse proxy, K8S Ingress Controller, Automatic ACME Certificate, WAF, 5-Second Shield, CC Defense, OAuth2 Authentication, Global Server Load Balance, and Cookie Compliance etc. JANUSEC应用网关,提供安全的接入,包括反向代理、K8S Ingress Controller、自动化ACME证书、WAF、5秒盾、CC防御、OAuth2身份认证、GSLB负载均衡与Cookie合规等。

wafweb-application-firewallload-balancegatewayapplication-securityGo安全web-application-securitysql-injectionport-forwardingacme
Go
1183
1 个月前
sh4hin / Androl4b 

A Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis

mobile-securityAndroidpenetration-testing逆向工程application-security
1140
2 年前
Quitten / Autorize 

Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests

Authorizationburpsuiteburp-pluginjythonapplication-security
Python
1107
3 个月前