Repository navigation
owasp-top-ten
- Website
- Wikipedia
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.
vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.
open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo include the main code and logic.
A burp suite extension that reviews backup, old, temporary and unreferenced files on web server for sensitive information (OWASP WSTG-CONF-04, OTG-CONFIG-004)
A burp suite extension that enumerates infrastructure and application admin interfaces (OTG-CONFIG-005)
this repository is a docker containing some "XSS vulnerability" challenges and bypass examples.
A simple PHP application to learn SQL Injection detection and exploitation techniques.
Python and Django implementation of the OWASP RailsGoat project
This repository is a dockerized PHP application containing some file upload vulnerability challenges (scenarios).
PoC for CVE-2021-45897
Aplicación vulnerable al OWASP Top 10 2021, para el Curso de OWASP Top 10: Riesgos en Aplicaciones.
PoC for CVE-2022-23940
Vulnerable FastAPI in reference to Opensource Web Application Security Project (OWASP) TOP 10: 2021
Praktek API Penetration Testing menggunakan Owasp crAPI
OWASP - San Juan Chapter
OWASP Juice Shop AutoPwn - Automated Challenge Solver for OWASP Juice Shop using Selenium & Requests
This repository is a dockerized PHP application containing some captcha logical bypass challenges (scenarios).
This will test various HTTP Request types against a web server