Repository navigation
owasp-top-ten
- Website
- Wikipedia
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.
open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo include the main code and logic.
vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.
A burp suite extension that reviews backup, old, temporary and unreferenced files on web server for sensitive information (OWASP WSTG-CONF-04, OTG-CONFIG-004)
A simple PHP application to learn SQL Injection detection and exploitation techniques.
A burp suite extension that enumerates infrastructure and application admin interfaces (OTG-CONFIG-005)
this repository is a docker containing some "XSS vulnerability" challenges and bypass examples.
Python and Django implementation of the OWASP RailsGoat project
This repository is a dockerized PHP application containing some file upload vulnerability challenges (scenarios).
A Laravel package that helps developers ensure their applications follow OWASP Top 10 security guidelines.
PoC for CVE-2021-45897
Aplicación vulnerable al OWASP Top 10 2021, para el Curso de OWASP Top 10: Riesgos en Aplicaciones.
PoC for CVE-2022-23940
Vulnerable FastAPI in reference to Opensource Web Application Security Project (OWASP) TOP 10: 2021
Powerful, beautiful, fast & functional multi threaded static web server using only stdlib in rust with a template engine with multipart support
Praktek API Penetration Testing menggunakan Owasp crAPI
OWASP Automated Threats (OATv2) concise guide, highlighting real-world exploit methods, attacker motives and associated bug bounty values.
OWASP - San Juan Chapter