Repository navigation

#

application-security

OWASP / CheatSheetSeries 

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

owaspCode安全cheatsheetsbest-practicesappsecapplication-security
Python
29332
2 天前
chaitin/SafeLine
chaitin / SafeLine 

SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.

firewallhttp-flood安全sql-injectionwafweb-application-firewallweb-securityxsscaptchaAPIappsecCommon Vulnerabilities and Exposures (CVE)Cybersecurityhackersvulnerabilitywebsecurityapplication-securitybruteforceblueteam自托管
Go
16087
9 天前
juice-shop/juice-shop
juice-shop / juice-shop 

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

owaspJavaScriptvulnerableHackingapplication-securityowasp-top-10owasp-top-tenpentestingvulnappappsecctfHacktoberfest24pullrequests安全
TypeScript
11118
2 天前
OWASP/wstg
OWASP / wstg 

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

best-practicesguideowaspBug Bountypenetration-testingpentestingapplication-security安全HacktoberfestappsecHacking
Dockerfile
7865
20 天前
paragonie / awesome-appsec 

A curated list of resources for learning about application security

security-expertsreading-listcuratedapplication-security安全owasp
PHP
6496
2 个月前
urbanadventurer / WhatWeb 

Next generation web scanner

安全WebscannerRubypenetration-testingkali-linuxowasppenetration-testing-toolspenetration-testHackinghacking-toolsnetwork-securityReconnaissanceappsecapplication-securitypentestingpentesting-toolspentestweb-hacking
Ruby
5828
9 个月前
jassics / security-study-plan 

Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...

aws-securitystudy-guidestudy-planappsecappsec-tutorialsazure-securitydevsecops-universitygcp-securitypentestingapplication-securityCybersecuritysecurity-testingapi-security
4582
3 个月前
payloadbox / command-injection-payload-list 

🎯 Command Injection Payload List

command-injectioninjection安全vulnerabilitypayload-listpayloadcommand操作系统UnixLinuxWindowsmacOSapplicationapplication-securityBug Bountysecurity-researchvulnerability-researchsecurity-testing
3236
9 个月前
ComplianceAsCode / content 

Security automation content in SCAP, Bash, Ansible, and other formats

安全compliancepci-dssstigapplication-securitysecurity-hardeningsecurity-automationhardeningCybersecurityAnsible
Shell
2401
4 小时前
s4n7h0 / xvwa 

XVWA is a badly coded web application written in PHP/MySQL that helps security enthusiasts to learn application security.

xvwaPHPapplication-securitylearning-appsecvulnerabilityknowledgeMySQL
PHP
1725
5 年前
harsh-bothra/learn365
harsh-bothra / learn365 

This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.

Bug BountycommunityCybersecurityvulnerabilitiesbugbountytipspentestingpentesting-toolslearningapplication-security
1646
3 年前
metlo-labs / metlo 

Metlo is an open-source API security platform.

安全APIapi-securityapplication-securityCybersecurity监控vulnerabilitiesvulnerability-detectionmetloapi-pentestAmazon Web ServicesBug Bountybugbounty-toolsinfosectoolspentest
TypeScript
1639
1 年前
JakobTheDev/awesome-devsecops
JakobTheDev / awesome-devsecops 

Curating the best DevSecOps resources and tooling.

application-securityDevOpsdevsecopsAwesome ListsHacktoberfest
1493
9 个月前
openappsec / openappsec 

open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo include the main code and logic.

api-securityapplication-securityKubernetesnginxweb-application-firewallappsecdevsecopskongrate-limiting安全wafowaspowasp-top-ten
C++
1175
2 天前
Janusec / janusec 

JANUSEC Application Gateway provides secure access, including reverse proxy, K8S Ingress Controller, Automatic ACME Certificate, WAF, 5-Second Shield, CC Defense, OAuth2 Authentication, Global Server Load Balance, and Cookie Compliance etc. JANUSEC应用网关,提供安全的接入,包括反向代理、K8S Ingress Controller、自动化ACME证书、WAF、5秒盾、CC防御、OAuth2身份认证、GSLB负载均衡与Cookie合规等。

wafweb-application-firewallload-balancegatewayapplication-securityGo安全web-application-securitysql-injectionport-forwardingacme
Go
1166
1 个月前
sh4hin / Androl4b 

A Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis

mobile-securityAndroidpenetration-testing逆向工程application-security
1127
2 年前
Safe3/uuWAF
Safe3 / uuWAF 

An industry-leading free, high-performance, AI and semantic technology Web Application Firewall and API Security Gateway (WAAP) - UUSEC WAF.

wafapplication-securityweb-application-firewallmodsecurityAPIapi-security安全ddosowaspraspxsssql-injectionnginx
C
1075
21 小时前
user1342/Awesome-Android-Reverse-Engineering
user1342 / Awesome-Android-Reverse-Engineering 

A curated list of awesome Android Reverse Engineering training, resources, and tools.

Androidapplication-securityAwesome Listsmalware-analysis逆向工程工具trainingmobsec
1037
1 个月前
Quitten / Autorize 

Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests

authorizationburpsuiteburp-pluginjythonapplication-security
Python
1016
1 个月前
guardrailsio / awesome-php-security 

Awesome PHP Security Resources 🕶🐘🔐

PHP安全application-securitydevsecopsAwesome Lists
988
2 年前