Repository navigation

#

application-security

OWASP / CheatSheetSeries 

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

owaspCode安全cheatsheetsbest-practicesappsecapplication-security
Python
30115
7 天前
chaitin/SafeLine
chaitin / SafeLine 

SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.

firewallhttp-flood安全sql-injectionwafweb-application-firewallweb-securityxsscaptchaAPIappsecCommon Vulnerabilities and Exposures (CVE)Cybersecurityhackersvulnerabilitywebsecurityapplication-securitybruteforceblueteam自托管
Go
17446
6 天前
juice-shop/juice-shop
juice-shop / juice-shop 

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

owaspJavaScriptvulnerableHackingapplication-securityowasp-top-10owasp-top-tenpentestingvulnappappsecctfHacktoberfest24pullrequests安全
TypeScript
11581
2 天前
OWASP/wstg
OWASP / wstg 

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

best-practicesguideowaspBug Bountypenetration-testingpentestingapplication-security安全HacktoberfestappsecHacking
Dockerfile
8235
7 天前
paragonie / awesome-appsec 

A curated list of resources for learning about application security

security-expertsreading-listcuratedapplication-security安全owasp
PHP
6625
6 个月前
urbanadventurer / WhatWeb 

Next generation web scanner

安全WebscannerRubypenetration-testingkali-linuxowasppenetration-testing-toolspenetration-testHackinghacking-toolsnetwork-securityReconnaissanceappsecapplication-securitypentestingpentesting-toolspentestweb-hacking
Ruby
6012
18 天前
jassics / security-study-plan 

Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...

aws-securitystudy-guidestudy-planappsecappsec-tutorialsazure-securitydevsecops-universitygcp-securitypentestingapplication-securityCybersecuritysecurity-testingapi-security
4671
22 天前
payloadbox / command-injection-payload-list 

🎯 Command Injection Payload List

command-injectioninjection安全vulnerabilitypayload-listpayloadcommand操作系统UnixLinuxWindowsmacOSapplicationapplication-securityBug Bountysecurity-researchvulnerability-researchsecurity-testing
3456
1 年前
ComplianceAsCode / content 

Security automation content in SCAP, Bash, Ansible, and other formats

安全compliancepci-dssstigapplication-securitysecurity-hardeningsecurity-automationhardeningCybersecurityAnsible
Shell
2516
13 小时前
s4n7h0 / xvwa 

XVWA is a badly coded web application written in PHP/MySQL that helps security enthusiasts to learn application security.

xvwaPHPapplication-securitylearning-appsecvulnerabilityknowledgeMySQL
PHP
1737
5 年前
metlo-labs / metlo 

Metlo is an open-source API security platform.

安全APIapi-securityapplication-securityCybersecurity监控vulnerabilitiesvulnerability-detectionmetloapi-pentestAmazon Web ServicesBug Bountybugbounty-toolsinfosectoolspentest
TypeScript
1725
1 个月前
harsh-bothra/learn365
harsh-bothra / learn365 

This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.

Bug BountycommunityCybersecurityvulnerabilitiesbugbountytipspentestingpentesting-toolslearningapplication-security
1669
3 年前
JakobTheDev/awesome-devsecops
JakobTheDev / awesome-devsecops 

Curating the best DevSecOps resources and tooling.

application-securityDevOpsdevsecopsAwesome ListsHacktoberfest
1556
1 年前
Safe3/uusec-waf
Safe3 / uusec-waf 

Industry-leading free, high-performance, AI and semantic technology Web Application Firewall and API Security Gateway (WAAP) - UUSEC WAF.

wafapplication-securityweb-application-firewallmodsecurityweb-security-gatewayAPIapi-securitywaap安全ddosowasphipsraspdata-maskxsssql-injectionuusecuusec-wafuuwafletsencrypt
Lua
1387
17 小时前
openappsec / openappsec 

open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo include the main code and logic.

api-securityapplication-securityKubernetesnginxweb-application-firewallappsecdevsecopskongrate-limiting安全wafowaspowasp-top-ten
C++
1318
8 天前
user1342/Awesome-Android-Reverse-Engineering
user1342 / Awesome-Android-Reverse-Engineering 

A curated list of awesome Android Reverse Engineering training, resources, and tools.

Androidapplication-securityAwesome Listsmalware-analysis逆向工程工具trainingmobsec
1216
1 个月前
Janusec / janusec 

JANUSEC Application Gateway provides secure access, including reverse proxy, K8S Ingress Controller, Automatic ACME Certificate, WAF, 5-Second Shield, CC Defense, OAuth2 Authentication, Global Server Load Balance, and Cookie Compliance etc. JANUSEC应用网关,提供安全的接入,包括反向代理、K8S Ingress Controller、自动化ACME证书、WAF、5秒盾、CC防御、OAuth2身份认证、GSLB负载均衡与Cookie合规等。

wafweb-application-firewallload-balancegatewayapplication-securityGo安全web-application-securitysql-injectionport-forwardingacme
Go
1179
5 个月前
sh4hin / Androl4b 

A Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis

mobile-securityAndroidpenetration-testing逆向工程application-security
1141
2 年前
Quitten / Autorize 

Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests

Authorizationburpsuiteburp-pluginjythonapplication-security
Python
1092
2 个月前
guardrailsio / awesome-php-security 

Awesome PHP Security Resources 🕶🐘🔐

PHP安全application-securitydevsecopsAwesome Lists
997
2 年前