Ecosyste.ms: Repos

An open API service providing repository metadata for many open source software ecosystems.

GitHub topics: appsec

irgoncalves/awesome-security-articles

This repository contains links to awesome security articles.

Size: 42 KB - Last synced: about 8 hours ago - Pushed: 2 months ago - Stars: 35 - Forks: 7

h0tak88r/S8cN8tes

Cyber Security Notes, Methodology, Resources and Tips

Size: 15.1 MB - Last synced: about 9 hours ago - Pushed: about 10 hours ago - Stars: 97 - Forks: 26

maurosoria/dirsearch

Web path scanner

Language: Python - Size: 21.2 MB - Last synced: 10 days ago - Pushed: 11 days ago - Stars: 11,267 - Forks: 2,254

AiShieldsOrg/AiShieldsWeb

AiShields is an open-source Artificial Intelligence Data Input and Output Sanitizer

Language: Python - Size: 625 KB - Last synced: about 3 hours ago - Pushed: about 19 hours ago - Stars: 1 - Forks: 0

xeol-io/bumpgen

bumpgen is an AI agent that upgrades npm packages

Language: TypeScript - Size: 473 KB - Last synced: about 20 hours ago - Pushed: about 20 hours ago - Stars: 65 - Forks: 2

kingthorin/neonmarker

Continuation of the ZAP Neonmarker add-on previously by Juha Kivekäs

Language: Java - Size: 404 KB - Last synced: 1 day ago - Pushed: 1 day ago - Stars: 9 - Forks: 7

broadinstitute/dsp-appsec-infrastructure-apps

This repository hosts DSP AppSec internal infrastructure apps deployed in GKE.

Language: Python - Size: 12.1 MB - Last synced: 1 day ago - Pushed: 1 day ago - Stars: 6 - Forks: 1

Trendyol/wolfichef

Secure image creator with wolfi packages.

Language: Go - Size: 3.35 MB - Last synced: 1 day ago - Pushed: 2 days ago - Stars: 33 - Forks: 1

infobyte/faraday

Open Source Vulnerability Management Platform

Language: Python - Size: 212 MB - Last synced: 1 day ago - Pushed: 12 days ago - Stars: 4,632 - Forks: 863

MultiverseCorp/sfdx-devsecops-demo

An SFDX sample application we use to demonstrate how Clayton works.

Language: Apex - Size: 5.67 MB - Last synced: 1 day ago - Pushed: 1 day ago - Stars: 0 - Forks: 4

openziti/ziti

The parent project for OpenZiti. Here you will find the executables for a fully zero trust, application embedded, programmable network @OpenZiti

Language: Go - Size: 22.2 MB - Last synced: 21 days ago - Pushed: 22 days ago - Stars: 2,044 - Forks: 121

OWASP/CheatSheetSeries

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

Language: Python - Size: 1.47 GB - Last synced: 2 days ago - Pushed: 2 days ago - Stars: 26,643 - Forks: 3,743

openziti/sdk-golang

Ziti SDK for Golang

Language: Go - Size: 16.7 MB - Last synced: about 3 hours ago - Pushed: 1 day ago - Stars: 91 - Forks: 14

seal-community/cli

A CLI tool to scan and fix your project's open-source vulnerabilities using Seal packages.

Language: Go - Size: 332 KB - Last synced: 2 days ago - Pushed: 2 days ago - Stars: 14 - Forks: 0

infoslack/awesome-web-hacking

A list of web application security

Size: 139 KB - Last synced: 1 day ago - Pushed: about 2 months ago - Stars: 5,445 - Forks: 1,163

johnsaigle/scary-strings

Collection of wordlists containing dangerous function calls in many languages

Language: Makefile - Size: 62.5 KB - Last synced: 2 days ago - Pushed: 2 days ago - Stars: 20 - Forks: 5

zaproxy/zap-hud

The ZAP Heads Up Display (HUD)

Language: Java - Size: 9.35 MB - Last synced: 2 days ago - Pushed: 3 days ago - Stars: 252 - Forks: 151

microsoft/Security-101

8 Lessons, Kick-start Your Cybersecurity Learning.

Size: 4.34 MB - Last synced: 2 days ago - Pushed: 8 days ago - Stars: 3,394 - Forks: 344

hysnsec/awesome-threat-modelling

A curated list of threat modeling resources (books, courses - free and paid, videos, tools, tutorials and workshops to practice on) for learning threat modeling and initial phases of security review.

Language: Dockerfile - Size: 277 KB - Last synced: 2 days ago - Pushed: about 1 month ago - Stars: 1,266 - Forks: 232

mbrg/ShellControl

A JavaScript Shell PowerApps PCF component for education and research

Language: TypeScript - Size: 201 KB - Last synced: 3 days ago - Pushed: over 1 year ago - Stars: 2 - Forks: 0

derekhillhp/OWASPPDX-AppSec

Location of the slides presented during the OWASP PDX AppSec presentation on 19 May 2021

Size: 18.6 MB - Last synced: 3 days ago - Pushed: almost 3 years ago - Stars: 3 - Forks: 0

whitespots/devsecops-docs

Our documentation

Size: 649 MB - Last synced: 4 days ago - Pushed: 4 days ago - Stars: 0 - Forks: 0

OtherDevOpsGene/zap-sonar-plugin

Integrates OWASP Zed Attack Proxy reports into SonarQube

Language: HTML - Size: 1.42 MB - Last synced: 3 days ago - Pushed: 6 months ago - Stars: 67 - Forks: 29

OWASP/www-project-top-10-low-code-no-code-security-risks

OWASP Low-Code/No-Code Top 10

Language: HTML - Size: 442 KB - Last synced: 3 days ago - Pushed: about 2 months ago - Stars: 62 - Forks: 23

oversecured/ovaa

Oversecured Vulnerable Android App

Language: Java - Size: 144 KB - Last synced: 3 days ago - Pushed: 6 months ago - Stars: 606 - Forks: 150

cider-security-research/cicd-goat

A deliberately vulnerable CI/CD environment. Learn CI/CD security through multiple challenges.

Language: Python - Size: 67.1 MB - Last synced: 4 days ago - Pushed: 4 days ago - Stars: 1,812 - Forks: 266

openziti/ziti-sdk-c

A C-based sdk for delivering secure applications over a Ziti Network

Language: C - Size: 2.2 MB - Last synced: 4 days ago - Pushed: 4 days ago - Stars: 66 - Forks: 14

lauritzh/domscan

Simple tool to scan a website for (DOM-based) XSS vulnerabilities and Open Redirects.

Language: JavaScript - Size: 382 KB - Last synced: 4 days ago - Pushed: 4 days ago - Stars: 159 - Forks: 25

DefectDojo/django-DefectDojo

DevSecOps, ASPM, Vulnerability Management. All on one platform.

Language: HTML - Size: 138 MB - Last synced: 28 days ago - Pushed: 28 days ago - Stars: 3,370 - Forks: 1,447

OWASP-BLT/BLT

OWASP BLT is a bug logging tool to report issues and get points, companies are held accountable.

Language: HTML - Size: 68 MB - Last synced: 5 days ago - Pushed: 6 days ago - Stars: 118 - Forks: 124

Privado-Inc/privado

Open Source Static Scanning tool to detect data flows in your code, find data security vulnerabilities & generate accurate Play Store Data Safety Report.

Language: Dockerfile - Size: 29.4 MB - Last synced: 5 days ago - Pushed: 6 days ago - Stars: 473 - Forks: 55

jenkinsci/dependency-track-plugin

Main repository for the official Dependency-Track Jenkins plugin

Language: Java - Size: 5.61 MB - Last synced: 6 days ago - Pushed: 6 days ago - Stars: 41 - Forks: 27

webpwnized/mutillidae

OWASP Mutillidae II is a free, open-source, deliberately vulnerable web application providing a target for web-security training. This is an easy-to-use web hacking environment designed for labs, security enthusiasts, classrooms, CTF, and vulnerability assessment tool targets.

Language: PHP - Size: 9.99 MB - Last synced: 3 days ago - Pushed: 3 months ago - Stars: 1,178 - Forks: 388

dschadow/JavaSecurity

Java web and command line applications demonstrating various security topics

Language: Java - Size: 2.36 MB - Last synced: 5 days ago - Pushed: 6 days ago - Stars: 231 - Forks: 114

Bearer/bearer

Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.

Language: Go - Size: 22.7 MB - Last synced: 6 days ago - Pushed: 6 days ago - Stars: 1,749 - Forks: 81

OWASP/Go-SCP

Golang Secure Coding Practices guide

Language: Go - Size: 23 MB - Last synced: 2 days ago - Pushed: 3 months ago - Stars: 4,734 - Forks: 362

pojntfx/uni-appsecurity-notes

Notes for the Anwendungssicherheit (app security) course at HdM Stuttgart.

Size: 16.4 MB - Last synced: 7 days ago - Pushed: 7 days ago - Stars: 6 - Forks: 0

rushikeshhh-patil/OTP-Bypass

A demonstration lab showing the risks and exploitation techniques for hardcoded encryption keys in client-side JavaScript. This educational repository provides a hands-on approach to understanding how exposed keys can be used to intercept, decrypt, and manipulate encrypted web communications, including bypassing security controls like OTP.

Language: HTML - Size: 26.4 KB - Last synced: 7 days ago - Pushed: 7 days ago - Stars: 1 - Forks: 0

Kylmakalle/devicecheck

Reduce fraudulent use of your services by managing device state and asserting app integrity via Apple DeviceCheck API with this Python wrapper.

Language: Python - Size: 38.1 KB - Last synced: 8 days ago - Pushed: 8 days ago - Stars: 20 - Forks: 4

equinor/appsec-fundamentals-authn-authz-cs

A hands-on AppSec fundamentals workshop where we explore protecting APIs and web apps

Language: JavaScript - Size: 1.48 MB - Last synced: 8 days ago - Pushed: 9 days ago - Stars: 10 - Forks: 3

OWASP/www-community

OWASP Community Pages are a place where OWASP can accept community contributions for security-related content.

Language: HTML - Size: 214 MB - Last synced: 10 days ago - Pushed: 11 days ago - Stars: 1,018 - Forks: 644

hp271/awesome-dev-first-security

A curated collection of tools and resources for building security with a developer first approach.

Size: 200 KB - Last synced: 4 days ago - Pushed: almost 2 years ago - Stars: 28 - Forks: 2

NeuraLegion/sectester-js

SecTester is a new tool that integrates our enterprise-grade scan engine directly into your unit tests.

Language: TypeScript - Size: 5.19 MB - Last synced: 9 days ago - Pushed: 10 days ago - Stars: 4 - Forks: 4

albuch/sbt-dependency-check

SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). :rainbow:

Language: Scala - Size: 5.07 MB - Last synced: 10 days ago - Pushed: 28 days ago - Stars: 261 - Forks: 34

urbanadventurer/WhatWeb

Next generation web scanner

Language: Ruby - Size: 10.5 MB - Last synced: 10 days ago - Pushed: 4 months ago - Stars: 5,103 - Forks: 876

kingthorin/kingthorin

@kingthorin's profile repo

Size: 177 KB - Last synced: 10 days ago - Pushed: about 1 month ago - Stars: 1 - Forks: 0

Anof-cyber/Burp-Crypto

A Burp Suite Extension to encrypt the parameters

Language: Python - Size: 8.79 KB - Last synced: 10 days ago - Pushed: over 1 year ago - Stars: 1 - Forks: 0

OWASP/www-project-vulnerable-web-applications-directory

The OWASP Vulnerable Web Applications Directory (VWAD) Project - OWASP Web Site

Language: HTML - Size: 1.21 MB - Last synced: 10 days ago - Pushed: 29 days ago - Stars: 16 - Forks: 22

adityatelange/MobSleuth

Scripts to set up your own Android 📱 app hacking lab

Language: Shell - Size: 78.1 KB - Last synced: 10 days ago - Pushed: 11 days ago - Stars: 47 - Forks: 7

OWASP/wstg

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

Language: Dockerfile - Size: 20.2 MB - Last synced: 10 days ago - Pushed: 12 days ago - Stars: 6,700 - Forks: 1,262

Anof-cyber/Application-Security

Resources for Application Security including Web, API, Android, iOS and Thick Client

Size: 305 KB - Last synced: 10 days ago - Pushed: 11 months ago - Stars: 634 - Forks: 51

OWASP/OWASP-VWAD

The OWASP Vulnerable Web Applications Directory project (VWAD) is a comprehensive and well maintained registry of all known vulnerable web applications currently available.

Size: 250 KB - Last synced: 10 days ago - Pushed: 29 days ago - Stars: 824 - Forks: 208

fortify-presales/FortifyDemoApp

Insecure Web application for use in Fortify demonstrations

Language: CSS - Size: 2.59 MB - Last synced: 11 days ago - Pushed: 11 days ago - Stars: 0 - Forks: 0

payatu/iBugBazaar

iOS iBugBazaar: Your mobile appsec playground to Explore, Exploit, Excel

Language: Makefile - Size: 37.8 MB - Last synced: 12 days ago - Pushed: 12 days ago - Stars: 8 - Forks: 1

openziti/ziti-tunnel-sdk-c

Language: C++ - Size: 1.9 MB - Last synced: 11 days ago - Pushed: 12 days ago - Stars: 42 - Forks: 13

pritchyspritch/pritchyspritch.github.io

Language: Ruby - Size: 231 KB - Last synced: 12 days ago - Pushed: 12 days ago - Stars: 0 - Forks: 1

talsec/Free-RASP-Community

SDK providing app protection and threat monitoring for mobile devices, available for Flutter, Cordova, Android and iOS.

Size: 8.96 MB - Last synced: 12 days ago - Pushed: 12 days ago - Stars: 242 - Forks: 11

AppThreat/joern-lib 📦

Python library for code analysis with CPG and Joern

Language: Jupyter Notebook - Size: 4.39 MB - Last synced: 12 days ago - Pushed: 11 months ago - Stars: 8 - Forks: 0

NeuraLegion/sectester-go

SecTester is a new tool that integrates our enterprise-grade scan engine directly into your unit tests.

Language: Go - Size: 109 KB - Last synced: 14 days ago - Pushed: about 1 year ago - Stars: 0 - Forks: 0

NeuraLegion/issue-linker

A CLI tool to link between SAST issues and BrightSec issues

Language: Crystal - Size: 54.7 KB - Last synced: 14 days ago - Pushed: 4 months ago - Stars: 0 - Forks: 0

jenkinsci/dependency-check-plugin

Jenkins plugin for OWASP Dependency-Check. Inspects project components for known vulnerabilities (e.g. CVEs).

Language: Java - Size: 2.9 MB - Last synced: 10 days ago - Pushed: 10 days ago - Stars: 126 - Forks: 70

OWASP/railsgoat

A vulnerable version of Rails that follows the OWASP Top 10

Language: HTML - Size: 7.7 MB - Last synced: 10 days ago - Pushed: 3 months ago - Stars: 854 - Forks: 651

OWASP/www-project-threat-dragon

OWASP Foundation Threat Dragon Project Web Repository

Language: HTML - Size: 8.18 MB - Last synced: 10 days ago - Pushed: 16 days ago - Stars: 59 - Forks: 22

mrrootsec/AssetViz

AssetViz simplifies the visualization of subdomains from input files, presenting them as a coherent mind map. Ideal for penetration testers and bug bounty hunters conducting reconnaissance, AssetViz provides intuitive insights into domain structures for informed decision-making.

Language: Go - Size: 382 KB - Last synced: 10 days ago - Pushed: about 1 month ago - Stars: 23 - Forks: 2

mercedes-benz/sechub

SecHub provides a central API to test software with different security tools.

Language: Java - Size: 30.7 MB - Last synced: 17 days ago - Pushed: 17 days ago - Stars: 242 - Forks: 55

OWASP/threat-model-cookbook

This project is about creating and publishing threat model examples.

Language: Python - Size: 6.12 MB - Last synced: 10 days ago - Pushed: over 2 years ago - Stars: 396 - Forks: 68

zaproxy/zap-extensions

ZAP Add-ons

Language: Java - Size: 922 MB - Last synced: 19 days ago - Pushed: 19 days ago - Stars: 797 - Forks: 670

SasanLabs/VulnerableApp

OWASP VulnerableApp Project: For Security Enthusiasts by Security Enthusiasts.

Language: Java - Size: 41.4 MB - Last synced: 9 days ago - Pushed: 12 days ago - Stars: 252 - Forks: 337

openziti/ziti-browzer-core

Core componentry for the Ziti browZer ecosystem (used internally by ziti-browzer-runtime and ziti-sdk-browzer)

Language: JavaScript - Size: 1.75 MB - Last synced: 18 days ago - Pushed: 19 days ago - Stars: 9 - Forks: 1

ispras/casr

Collect crash (or UndefinedBehaviorSanitizer error) reports, triage, and estimate severity.

Language: Rust - Size: 37.8 MB - Last synced: 25 days ago - Pushed: 26 days ago - Stars: 237 - Forks: 24

JuxhinDB/OOB-Server

A Bind9 server for pentesters to use for Out-of-Band vulnerabilities

Language: Shell - Size: 21.5 KB - Last synced: 18 days ago - Pushed: over 4 years ago - Stars: 178 - Forks: 70

openziti/ziti-sdk-csharp

A C#-based SDK to access Ziti

Language: C# - Size: 1.15 MB - Last synced: 15 days ago - Pushed: 18 days ago - Stars: 39 - Forks: 5

Regnology/lucy

Lucy is a component analysis platform to minimize the risk of license infringements and to support and optimize the license compliance process.

Language: Java - Size: 1.49 MB - Last synced: 8 months ago - Pushed: 11 months ago - Stars: 6 - Forks: 1

alejandrosaenz117/fetch-cwe-list

A simple Node.js module that fetches and parses the latest Common Weakness Enumeration (CWE) list

Language: JavaScript - Size: 551 KB - Last synced: 5 days ago - Pushed: 4 months ago - Stars: 6 - Forks: 2

dependency-check/dependency-check-sonar-plugin

Integrates Dependency-Check reports into SonarQube

Language: Java - Size: 7.01 MB - Last synced: 25 days ago - Pushed: 27 days ago - Stars: 550 - Forks: 127

ajinabraham/njsscan

njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.

Language: JavaScript - Size: 396 KB - Last synced: 10 days ago - Pushed: about 1 month ago - Stars: 344 - Forks: 75

openappsec/openappsec

open-appsec is a machine learning security engine that preemptively and automatically prevents threats against web applications and APIs. This repo includes the main code and logic.

Language: C++ - Size: 32.1 MB - Last synced: 19 days ago - Pushed: 20 days ago - Stars: 655 - Forks: 42

ajinabraham/libsast

Generic SAST Library

Language: Python - Size: 286 KB - Last synced: 10 days ago - Pushed: 7 months ago - Stars: 118 - Forks: 17

Acceis/avcs-website

Website of ACCEIS Vulnerable Code Snippets repository

Language: HTML - Size: 16.6 KB - Last synced: 21 days ago - Pushed: 8 months ago - Stars: 2 - Forks: 1

aka99/sdl

SDL Security Development Lifecycle Practice

Size: 40 KB - Last synced: 21 days ago - Pushed: about 7 years ago - Stars: 8 - Forks: 1

openziti/ziti-sdk-py

Ziti SDK for Python

Language: Python - Size: 389 KB - Last synced: 21 days ago - Pushed: 6 months ago - Stars: 62 - Forks: 2

blacklanternsecurity/badsecrets

A library for detecting known secrets across many web frameworks

Language: Python - Size: 3.59 MB - Last synced: 20 days ago - Pushed: about 2 months ago - Stars: 409 - Forks: 30

summitt/Nope-Proxy

TCP/UDP Non-HTTP Proxy Extension (NoPE) for Burp Suite.

Language: Java - Size: 1.2 MB - Last synced: 26 days ago - Pushed: 3 months ago - Stars: 1,502 - Forks: 237

treddis/dotdotfarm

Fast Path Traversal exploitation tool

Language: Python - Size: 110 KB - Last synced: 21 days ago - Pushed: 22 days ago - Stars: 21 - Forks: 1

zaproxy/zaproxy

The ZAP core project

Language: Java - Size: 188 MB - Last synced: 28 days ago - Pushed: 29 days ago - Stars: 11,956 - Forks: 2,183

Checkmarx/2ms

Too many secrets (2MS) helps people protect their secrets on any file or on systems like CMS, chats and git

Language: Go - Size: 297 KB - Last synced: 24 days ago - Pushed: 24 days ago - Stars: 65 - Forks: 16

Orange-Cyberdefense/grepmarx

A source code static analysis platform for AppSec enthusiasts.

Language: Python - Size: 166 MB - Last synced: 22 days ago - Pushed: 26 days ago - Stars: 182 - Forks: 23

kaakaww/stackhawk-custom-image

๐Ÿ‹ Customize your own StackHawk docker images

Language: TypeScript - Size: 744 KB - Last synced: 18 days ago - Pushed: 6 months ago - Stars: 6 - Forks: 4

Checkmarx/kics

Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.

Language: Open Policy Agent - Size: 613 MB - Last synced: 24 days ago - Pushed: 24 days ago - Stars: 1,886 - Forks: 286

hupe1980/node-rasp

Simple nodejs rasp solution

Language: TypeScript - Size: 312 KB - Last synced: 24 days ago - Pushed: about 1 year ago - Stars: 0 - Forks: 0

0x646e78/sonarq

A local SonarQube scanning solution

Language: Python - Size: 18.6 KB - Last synced: 24 days ago - Pushed: over 3 years ago - Stars: 0 - Forks: 0

OWASP/www-project-machine-learning-security-top-10

OWASP Machine Learning Security Top 10 Project

Language: HTML - Size: 46.4 MB - Last synced: 10 days ago - Pushed: about 2 months ago - Stars: 57 - Forks: 18

snyk-labs/snyk-iac-pr-annotations

A POC showing how to use Snyk IaC product in PR checks

Language: TypeScript - Size: 137 KB - Last synced: 26 days ago - Pushed: about 3 years ago - Stars: 0 - Forks: 2

Soluto/kamus

An open source, git-ops, zero-trust secret encryption and decryption solution for Kubernetes applications

Language: C# - Size: 4.22 MB - Last synced: 23 days ago - Pushed: 8 months ago - Stars: 913 - Forks: 67

doyensec/Session-Hijacking-Visual-Exploitation

Session Hijacking Visual Exploitation

Language: JavaScript - Size: 1.31 MB - Last synced: 14 days ago - Pushed: 2 months ago - Stars: 179 - Forks: 14

andresriancho/w3af

w3af: web application attack and audit framework, the open source web vulnerability scanner.

Language: Python - Size: 166 MB - Last synced: 26 days ago - Pushed: about 1 year ago - Stars: 4,438 - Forks: 1,205

seal-community/patches

A centralized repository of standalone security patches for open source libraries.

Size: 804 KB - Last synced: about 1 month ago - Pushed: about 1 month ago - Stars: 177 - Forks: 0

DependencyTrack/dependency-track

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Language: Java - Size: 94.4 MB - Last synced: 28 days ago - Pushed: 28 days ago - Stars: 2,306 - Forks: 503

DataDog/dd-trace-go

Datadog Go Library including APM tracing, profiling, and security monitoring.

Language: Go - Size: 49.9 MB - Last synced: 28 days ago - Pushed: 29 days ago - Stars: 593 - Forks: 407

klarna-incubator/gram

Gram is Klarna's own threat model diagramming tool

Language: TypeScript - Size: 10.6 MB - Last synced: 29 days ago - Pushed: 30 days ago - Stars: 170 - Forks: 8