Repository navigation

#

appsec

OWASP / CheatSheetSeries 

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

owaspCode安全cheatsheetsbest-practicesappsecapplication-security
Python
30106
7 天前
chaitin/SafeLine
chaitin / SafeLine 

SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.

firewallhttp-flood安全sql-injectionwafweb-application-firewallweb-securityxsscaptchaAPIappsecCommon Vulnerabilities and Exposures (CVE)Cybersecurityhackersvulnerabilitywebsecurityapplication-securitybruteforceblueteam自托管
Go
17447
6 天前
zaproxy / zaproxy 

The ZAP by Checkmarx Core project

zapzap-developmentdastappseczaproxy安全security-scannerHacktoberfest
Java
13962
1 天前
maurosoria / dirsearch 

Web path scanner

fuzzerFuzzing/Fuzz testingPython安全dirsearchHackingpentestingpenetration-testingBug Bountyappsecwordlisthacking-toolCybersecuritybrutescannerenumerationpentest-toolred-teamingredteam
Python
13265
2 个月前
juice-shop/juice-shop
juice-shop / juice-shop 

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

owaspJavaScriptvulnerableHackingapplication-securityowasp-top-10owasp-top-tenpentestingvulnappappsecctfHacktoberfest24pullrequests安全
TypeScript
11580
2 天前
OWASP/wstg
OWASP / wstg 

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

best-practicesguideowaspBug Bountypenetration-testingpentestingapplication-security安全HacktoberfestappsecHacking
Dockerfile
8233
7 天前
infoslack / awesome-web-hacking 

A list of web application security

penetration-testingweb-hackingvulnerabilitiesscannerHackinghacking-toolsmetasploitweb-securityappsecowasppentesting安全vulnerability
6364
3 个月前
urbanadventurer / WhatWeb 

Next generation web scanner

安全WebscannerRubypenetration-testingkali-linuxowasppenetration-testing-toolspenetration-testHackinghacking-toolsnetwork-securityReconnaissanceappsecapplication-securitypentestingpentesting-toolspentestweb-hacking
Ruby
6011
18 天前
infobyte / faraday 

Open Source Vulnerability Management Platform

DevOpspenetration-testingvulnerabilityvulnerability-scanners安全pentestingcontinuous-scanningCybersecurityvulnerability-managementcollaborationburpsuitenessusnmapdevsecopssecurity-automationorchestrationCommon Vulnerabilities and Exposures (CVE)appsec
Python
5895
20 天前
microsoft/Security-101
microsoft / Security-101 

8 Lessons, Kick-start Your Cybersecurity Learning.

appseccia-triaddata-protectiondata-securityiamidentityrisk-managementsecops安全threat-modelingzero-trust
HTML
5584
13 天前
OWASP / Go-SCP 

Golang Secure Coding Practices guide

appsecGo
Go
5181
1 年前
andresriancho / w3af 

w3af: web application attack and audit framework, the open source web vulnerability scanner.

scanner安全appseccross-site-scriptingsql-injection
Python
4751
2 年前
jassics / security-study-plan 

Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...

aws-securitystudy-guidestudy-planappsecappsec-tutorialsazure-securitydevsecops-universitygcp-securitypentestingapplication-securityCybersecuritysecurity-testingapi-security
4671
22 天前
DefectDojo / django-DefectDojo 

DevSecOps, ASPM, Vulnerability Management. All on one platform.

Pythonvulnerability-databasesDjango安全owaspanalyticsvulnerability-management自动化security-automationsecurity-orchestrationdevsecopsvulnerability-correlationKubernetesHacktoberfestappsec
HTML
4167
2 小时前
projectdiscovery / interactsh 

An OOB interaction gathering server and client library

appsecoastdns安全HTTPsmtpldapoobBug BountyGo
Go
3894
2 天前
foospidy / payloads 

Git All the Payloads! A collection of web attack payloads.

payloadpayloadsxsssqliweb-attack-payloadspasswordspentestHackingappsecCybersecurity
Shell
3820
2 年前
openziti/ziti
openziti / ziti 

The parent project for OpenZiti. Here you will find the executables for a fully zero trust, application embedded, programmable network @OpenZiti

Networkvpn-2appseczero-trustzero-trust-cloudzero-trust-networkzero-trust-network-accesszero-trust-securityztaaoverlayoverlay-networknetsecVirtual Private NetworkzerotrustmeshGo
Go
3522
13 小时前
DependencyTrack/dependency-track
DependencyTrack / dependency-track 

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

owaspappsec安全bomvulnerabilitiescomponent-analysisnvdsoftware-securitysoftware-composition-analysisscabill-of-materialspackage-urlpurlvulnerability-detectionossindexsbomdevsecopssecurity-automationcyclonedxHacktoberfest
Java
3181
6 天前
Checkmarx / kics 

Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.

Infrastructure as code安全appseccloudnativeHacktoberfestdevsecopsGovulnerability-detectionvulnerability-scannersOpen Policy Agent
Open Policy Agent
2442
1 天前
Bearer / bearer 

Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.

appseccompliancedevsecopsdevsecops-tools安全dataflowgdpr隐私sastStatic code analysisvulnerabilitysecurity-scannervulnerabilitiesCode qualitystatic-analysissecurity-automationowasp
Go
2380
2 天前