Ecosyste.ms: Repos
An open API service providing repository metadata for many open source software ecosystems.
GitHub topics: appsec
irgoncalves/awesome-security-articles
This repository contains links to awesome security articles.
Size: 42 KB - Last synced: about 8 hours ago - Pushed: 2 months ago - Stars: 35 - Forks: 7
h0tak88r/S8cN8tes
Cyber Security Notes, Methodology, Resources and Tips
Size: 15.1 MB - Last synced: about 9 hours ago - Pushed: about 10 hours ago - Stars: 97 - Forks: 26
maurosoria/dirsearch
Web path scanner
Language: Python - Size: 21.2 MB - Last synced: 10 days ago - Pushed: 11 days ago - Stars: 11,267 - Forks: 2,254
AiShieldsOrg/AiShieldsWeb
AiShields is an open-source Artificial Intelligence Data Input and Output Sanitizer
Language: Python - Size: 625 KB - Last synced: about 3 hours ago - Pushed: about 19 hours ago - Stars: 1 - Forks: 0
xeol-io/bumpgen
bumpgen is an AI agent that upgrades npm packages
Language: TypeScript - Size: 473 KB - Last synced: about 20 hours ago - Pushed: about 20 hours ago - Stars: 65 - Forks: 2
kingthorin/neonmarker
Continuation of the ZAP Neonmarker add-on previously by Juha Kivekäs
Language: Java - Size: 404 KB - Last synced: 1 day ago - Pushed: 1 day ago - Stars: 9 - Forks: 7
broadinstitute/dsp-appsec-infrastructure-apps
This repository hosts DSP AppSec internal infrastructure apps deployed in GKE.
Language: Python - Size: 12.1 MB - Last synced: 1 day ago - Pushed: 1 day ago - Stars: 6 - Forks: 1
Trendyol/wolfichef
Secure image creator with wolfi packages.
Language: Go - Size: 3.35 MB - Last synced: 1 day ago - Pushed: 2 days ago - Stars: 33 - Forks: 1
infobyte/faraday
Open Source Vulnerability Management Platform
Language: Python - Size: 212 MB - Last synced: 1 day ago - Pushed: 12 days ago - Stars: 4,632 - Forks: 863
MultiverseCorp/sfdx-devsecops-demo
An SFDX sample application we use to demonstrate how Clayton works.
Language: Apex - Size: 5.67 MB - Last synced: 1 day ago - Pushed: 1 day ago - Stars: 0 - Forks: 4
openziti/ziti
The parent project for OpenZiti. Here you will find the executables for a fully zero trust, application embedded, programmable network @OpenZiti
Language: Go - Size: 22.2 MB - Last synced: 21 days ago - Pushed: 22 days ago - Stars: 2,044 - Forks: 121
OWASP/CheatSheetSeries
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
Language: Python - Size: 1.47 GB - Last synced: 2 days ago - Pushed: 2 days ago - Stars: 26,643 - Forks: 3,743
openziti/sdk-golang
Ziti SDK for Golang
Language: Go - Size: 16.7 MB - Last synced: about 3 hours ago - Pushed: 1 day ago - Stars: 91 - Forks: 14
seal-community/cli
A CLI tool to scan and fix your project's open-source vulnerabilities using Seal packages.
Language: Go - Size: 332 KB - Last synced: 2 days ago - Pushed: 2 days ago - Stars: 14 - Forks: 0
infoslack/awesome-web-hacking
A list of web application security
Size: 139 KB - Last synced: 1 day ago - Pushed: about 2 months ago - Stars: 5,445 - Forks: 1,163
johnsaigle/scary-strings
Collection of wordlists containing dangerous function calls in many languages
Language: Makefile - Size: 62.5 KB - Last synced: 2 days ago - Pushed: 2 days ago - Stars: 20 - Forks: 5
zaproxy/zap-hud
The ZAP Heads Up Display (HUD)
Language: Java - Size: 9.35 MB - Last synced: 2 days ago - Pushed: 3 days ago - Stars: 252 - Forks: 151
microsoft/Security-101
8 Lessons, Kick-start Your Cybersecurity Learning.
Size: 4.34 MB - Last synced: 2 days ago - Pushed: 8 days ago - Stars: 3,394 - Forks: 344
hysnsec/awesome-threat-modelling
A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on) for learning Threat modeling and initial phases of security review.
Language: Dockerfile - Size: 277 KB - Last synced: 2 days ago - Pushed: about 1 month ago - Stars: 1,266 - Forks: 232
mbrg/ShellControl
A JavaScript Shell PowerApps PCF component for education and research
Language: TypeScript - Size: 201 KB - Last synced: 3 days ago - Pushed: over 1 year ago - Stars: 2 - Forks: 0
derekhillhp/OWASPPDX-AppSec
Location of the slides presented during the OWASP PDX AppSec presentation on 19 May 2021
Size: 18.6 MB - Last synced: 3 days ago - Pushed: almost 3 years ago - Stars: 3 - Forks: 0
whitespots/devsecops-docs
Our documentation
Size: 649 MB - Last synced: 4 days ago - Pushed: 4 days ago - Stars: 0 - Forks: 0
OtherDevOpsGene/zap-sonar-plugin
Integrates OWASP Zed Attack Proxy reports into SonarQube
Language: HTML - Size: 1.42 MB - Last synced: 3 days ago - Pushed: 6 months ago - Stars: 67 - Forks: 29
OWASP/www-project-top-10-low-code-no-code-security-risks
OWASP Low-Code/No-Code Top 10
Language: HTML - Size: 442 KB - Last synced: 3 days ago - Pushed: about 2 months ago - Stars: 62 - Forks: 23
oversecured/ovaa
Oversecured Vulnerable Android App
Language: Java - Size: 144 KB - Last synced: 3 days ago - Pushed: 6 months ago - Stars: 606 - Forks: 150
cider-security-research/cicd-goat
A deliberately vulnerable CI/CD environment. Learn CI/CD security through multiple challenges.
Language: Python - Size: 67.1 MB - Last synced: 4 days ago - Pushed: 4 days ago - Stars: 1,812 - Forks: 266
openziti/ziti-sdk-c
A C-based sdk for delivering secure applications over a Ziti Network
Language: C - Size: 2.2 MB - Last synced: 4 days ago - Pushed: 4 days ago - Stars: 66 - Forks: 14
lauritzh/domscan
Simple tool to scan a website for (DOM-based) XSS vulnerabilities and Open Redirects.
Language: JavaScript - Size: 382 KB - Last synced: 4 days ago - Pushed: 4 days ago - Stars: 159 - Forks: 25
DefectDojo/django-DefectDojo
DevSecOps, ASPM, Vulnerability Management. All on one platform.
Language: HTML - Size: 138 MB - Last synced: 28 days ago - Pushed: 28 days ago - Stars: 3,370 - Forks: 1,447
OWASP-BLT/BLT
OWASP BLT is a bug logging tool to report issues and get points, companies are held accountable.
Language: HTML - Size: 68 MB - Last synced: 5 days ago - Pushed: 6 days ago - Stars: 118 - Forks: 124
Privado-Inc/privado
Open Source Static Scanning tool to detect data flows in your code, find data security vulnerabilities & generate accurate Play Store Data Safety Report.
Language: Dockerfile - Size: 29.4 MB - Last synced: 5 days ago - Pushed: 6 days ago - Stars: 473 - Forks: 55
jenkinsci/dependency-track-plugin
Main repository for the official Dependency-Track Jenkins plugin
Language: Java - Size: 5.61 MB - Last synced: 6 days ago - Pushed: 6 days ago - Stars: 41 - Forks: 27
webpwnized/mutillidae
OWASP Mutillidae II is a free, open-source, deliberately vulnerable web application providing a target for web-security training. This is an easy-to-use web hacking environment designed for labs, security enthusiasts, classrooms, CTF, and vulnerability assessment tool targets.
Language: PHP - Size: 9.99 MB - Last synced: 3 days ago - Pushed: 3 months ago - Stars: 1,178 - Forks: 388
dschadow/JavaSecurity
Java web and command line applications demonstrating various security topics
Language: Java - Size: 2.36 MB - Last synced: 5 days ago - Pushed: 6 days ago - Stars: 231 - Forks: 114
Bearer/bearer
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
Language: Go - Size: 22.7 MB - Last synced: 6 days ago - Pushed: 6 days ago - Stars: 1,749 - Forks: 81
OWASP/Go-SCP
Golang Secure Coding Practices guide
Language: Go - Size: 23 MB - Last synced: 2 days ago - Pushed: 3 months ago - Stars: 4,734 - Forks: 362
pojntfx/uni-appsecurity-notes
Notes for the Anwendungssicherheit (app security) course at HdM Stuttgart.
Size: 16.4 MB - Last synced: 7 days ago - Pushed: 7 days ago - Stars: 6 - Forks: 0
rushikeshhh-patil/OTP-Bypass
A demonstration lab showing the risks and exploitation techniques for hardcoded encryption keys in client-side JavaScript. This educational repository provides a hands-on approach to understanding how exposed keys can be used to intercept, decrypt, and manipulate encrypted web communications, including bypassing security controls like OTP.
Language: HTML - Size: 26.4 KB - Last synced: 7 days ago - Pushed: 7 days ago - Stars: 1 - Forks: 0
Kylmakalle/devicecheck
Reduce fraudulent use of your services by managing device state and asserting app integrity via Apple DeviceCheck API with this Python wrapper.
Language: Python - Size: 38.1 KB - Last synced: 8 days ago - Pushed: 8 days ago - Stars: 20 - Forks: 4
equinor/appsec-fundamentals-authn-authz-cs
A hands-on AppSec fundamentals workshop where we explore protecting APIs and Web apps
Language: JavaScript - Size: 1.48 MB - Last synced: 8 days ago - Pushed: 9 days ago - Stars: 10 - Forks: 3
OWASP/www-community
OWASP Community Pages are a place where OWASP can accept community contributions for security-related content.
Language: HTML - Size: 214 MB - Last synced: 10 days ago - Pushed: 11 days ago - Stars: 1,018 - Forks: 644
hp271/awesome-dev-first-security
A curated collection of tools and resources for building security with a developer first approach.
Size: 200 KB - Last synced: 4 days ago - Pushed: almost 2 years ago - Stars: 28 - Forks: 2
NeuraLegion/sectester-js
SecTester is a new tool that integrates our enterprise-grade scan engine directly into your unit tests.
Language: TypeScript - Size: 5.19 MB - Last synced: 9 days ago - Pushed: 10 days ago - Stars: 4 - Forks: 4
albuch/sbt-dependency-check
SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). :rainbow:
Language: Scala - Size: 5.07 MB - Last synced: 10 days ago - Pushed: 28 days ago - Stars: 261 - Forks: 34
urbanadventurer/WhatWeb
Next generation web scanner
Language: Ruby - Size: 10.5 MB - Last synced: 10 days ago - Pushed: 4 months ago - Stars: 5,103 - Forks: 876
kingthorin/kingthorin
@kingthorin's profile repo
Size: 177 KB - Last synced: 10 days ago - Pushed: about 1 month ago - Stars: 1 - Forks: 0
Anof-cyber/Burp-Crypto
A Burp Suite Extension to encrypt the parameters
Language: Python - Size: 8.79 KB - Last synced: 10 days ago - Pushed: over 1 year ago - Stars: 1 - Forks: 0
OWASP/www-project-vulnerable-web-applications-directory
The OWASP Vulnerable Web Applications Directory (VWAD) Project - OWASP Web Site
Language: HTML - Size: 1.21 MB - Last synced: 10 days ago - Pushed: 29 days ago - Stars: 16 - Forks: 22
adityatelange/MobSleuth
Scripts to set up your own Android app hacking lab
Language: Shell - Size: 78.1 KB - Last synced: 10 days ago - Pushed: 11 days ago - Stars: 47 - Forks: 7
OWASP/wstg
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
Language: Dockerfile - Size: 20.2 MB - Last synced: 10 days ago - Pushed: 12 days ago - Stars: 6,700 - Forks: 1,262
Anof-cyber/Application-Security
Resources for Application Security including Web, API, Android, iOS and Thick Client
Size: 305 KB - Last synced: 10 days ago - Pushed: 11 months ago - Stars: 634 - Forks: 51
OWASP/OWASP-VWAD
The OWASP Vulnerable Web Applications Directory project (VWAD) is a comprehensive and well maintained registry of all known vulnerable web applications currently available.
Size: 250 KB - Last synced: 10 days ago - Pushed: 29 days ago - Stars: 824 - Forks: 208
fortify-presales/FortifyDemoApp
Insecure Web application for use in Fortify demonstrations
Language: CSS - Size: 2.59 MB - Last synced: 11 days ago - Pushed: 11 days ago - Stars: 0 - Forks: 0
payatu/iBugBazaar
iOS iBugBazaar: Your mobile appsec playground to Explore, Exploit, Excel
Language: Makefile - Size: 37.8 MB - Last synced: 12 days ago - Pushed: 12 days ago - Stars: 8 - Forks: 1
openziti/ziti-tunnel-sdk-c
Language: C++ - Size: 1.9 MB - Last synced: 11 days ago - Pushed: 12 days ago - Stars: 42 - Forks: 13
pritchyspritch/pritchyspritch.github.io
Language: Ruby - Size: 231 KB - Last synced: 12 days ago - Pushed: 12 days ago - Stars: 0 - Forks: 1
talsec/Free-RASP-Community
SDK providing app protection and threat monitoring for mobile devices, available for Flutter, Cordova, Android and iOS.
Size: 8.96 MB - Last synced: 12 days ago - Pushed: 12 days ago - Stars: 242 - Forks: 11
AppThreat/joern-lib
Python library for code analysis with CPG and Joern
Language: Jupyter Notebook - Size: 4.39 MB - Last synced: 12 days ago - Pushed: 11 months ago - Stars: 8 - Forks: 0
NeuraLegion/sectester-go
SecTester is a new tool that integrates our enterprise-grade scan engine directly into your unit tests.
Language: Go - Size: 109 KB - Last synced: 14 days ago - Pushed: about 1 year ago - Stars: 0 - Forks: 0
NeuraLegion/issue-linker
A CLI tool to link between SAST issues and BrightSec issues
Language: Crystal - Size: 54.7 KB - Last synced: 14 days ago - Pushed: 4 months ago - Stars: 0 - Forks: 0
jenkinsci/dependency-check-plugin
Jenkins plugin for OWASP Dependency-Check. Inspects project components for known vulnerabilities (e.g. CVEs).
Language: Java - Size: 2.9 MB - Last synced: 10 days ago - Pushed: 10 days ago - Stars: 126 - Forks: 70
OWASP/railsgoat
A vulnerable version of Rails that follows the OWASP Top 10
Language: HTML - Size: 7.7 MB - Last synced: 10 days ago - Pushed: 3 months ago - Stars: 854 - Forks: 651
OWASP/www-project-threat-dragon
OWASP Foundation Threat Dragon Project Web Repository
Language: HTML - Size: 8.18 MB - Last synced: 10 days ago - Pushed: 16 days ago - Stars: 59 - Forks: 22
mrrootsec/AssetViz
AssetViz simplifies the visualization of subdomains from input files, presenting them as a coherent mind map. Ideal for penetration testers and bug bounty hunters conducting reconnaissance, AssetViz provides intuitive insights into domain structures for informed decision-making.
Language: Go - Size: 382 KB - Last synced: 10 days ago - Pushed: about 1 month ago - Stars: 23 - Forks: 2
mercedes-benz/sechub
SecHub provides a central API to test software with different security tools.
Language: Java - Size: 30.7 MB - Last synced: 17 days ago - Pushed: 17 days ago - Stars: 242 - Forks: 55
OWASP/threat-model-cookbook
This project is about creating and publishing threat model examples.
Language: Python - Size: 6.12 MB - Last synced: 10 days ago - Pushed: over 2 years ago - Stars: 396 - Forks: 68
zaproxy/zap-extensions
ZAP Add-ons
Language: Java - Size: 922 MB - Last synced: 19 days ago - Pushed: 19 days ago - Stars: 797 - Forks: 670
SasanLabs/VulnerableApp
OWASP VulnerableApp Project: For Security Enthusiasts by Security Enthusiasts.
Language: Java - Size: 41.4 MB - Last synced: 9 days ago - Pushed: 12 days ago - Stars: 252 - Forks: 337
openziti/ziti-browzer-core
Core componentry for the Ziti browZer ecosystem (used internally by ziti-browzer-runtime and ziti-sdk-browzer)
Language: JavaScript - Size: 1.75 MB - Last synced: 18 days ago - Pushed: 19 days ago - Stars: 9 - Forks: 1
ispras/casr
Collect crash (or UndefinedBehaviorSanitizer error) reports, triage, and estimate severity.
Language: Rust - Size: 37.8 MB - Last synced: 25 days ago - Pushed: 26 days ago - Stars: 237 - Forks: 24
JuxhinDB/OOB-Server
A Bind9 server for pentesters to use for Out-of-Band vulnerabilities
Language: Shell - Size: 21.5 KB - Last synced: 18 days ago - Pushed: over 4 years ago - Stars: 178 - Forks: 70
openziti/ziti-sdk-csharp
A C#-based SDK to access Ziti
Language: C# - Size: 1.15 MB - Last synced: 15 days ago - Pushed: 18 days ago - Stars: 39 - Forks: 5
Regnology/lucy
Lucy is a component analysis platform to minimize the risk of license infringements and to support and optimize the license compliance process.
Language: Java - Size: 1.49 MB - Last synced: 8 months ago - Pushed: 11 months ago - Stars: 6 - Forks: 1
alejandrosaenz117/fetch-cwe-list
A simple Node.js module that fetches and parses the latest Common Weakness Enumeration (CWE) list
Language: JavaScript - Size: 551 KB - Last synced: 5 days ago - Pushed: 4 months ago - Stars: 6 - Forks: 2
dependency-check/dependency-check-sonar-plugin
Integrates Dependency-Check reports into SonarQube
Language: Java - Size: 7.01 MB - Last synced: 25 days ago - Pushed: 27 days ago - Stars: 550 - Forks: 127
ajinabraham/njsscan
njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.
Language: JavaScript - Size: 396 KB - Last synced: 10 days ago - Pushed: about 1 month ago - Stars: 344 - Forks: 75
openappsec/openappsec
open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo includes the main code and logic.
Language: C++ - Size: 32.1 MB - Last synced: 19 days ago - Pushed: 20 days ago - Stars: 655 - Forks: 42
ajinabraham/libsast
Generic SAST Library
Language: Python - Size: 286 KB - Last synced: 10 days ago - Pushed: 7 months ago - Stars: 118 - Forks: 17
Acceis/avcs-website
Website of ACCEIS Vulnerable Code Snippets repository
Language: HTML - Size: 16.6 KB - Last synced: 21 days ago - Pushed: 8 months ago - Stars: 2 - Forks: 1
aka99/sdl
SDL Security Development Lifecycle Practice
Size: 40 KB - Last synced: 21 days ago - Pushed: about 7 years ago - Stars: 8 - Forks: 1
openziti/ziti-sdk-py
Ziti SDK for Python
Language: Python - Size: 389 KB - Last synced: 21 days ago - Pushed: 6 months ago - Stars: 62 - Forks: 2
blacklanternsecurity/badsecrets
A library for detecting known secrets across many web frameworks
Language: Python - Size: 3.59 MB - Last synced: 20 days ago - Pushed: about 2 months ago - Stars: 409 - Forks: 30
summitt/Nope-Proxy
TCP/UDP Non-HTTP Proxy Extension (NoPE) for Burp Suite.
Language: Java - Size: 1.2 MB - Last synced: 26 days ago - Pushed: 3 months ago - Stars: 1,502 - Forks: 237
treddis/dotdotfarm
Fast Path Traversal exploitation tool
Language: Python - Size: 110 KB - Last synced: 21 days ago - Pushed: 22 days ago - Stars: 21 - Forks: 1
zaproxy/zaproxy
The ZAP core project
Language: Java - Size: 188 MB - Last synced: 28 days ago - Pushed: 29 days ago - Stars: 11,956 - Forks: 2,183
Checkmarx/2ms
Too many secrets (2MS) helps people protect their secrets on any file or on systems like CMS, chats and git
Language: Go - Size: 297 KB - Last synced: 24 days ago - Pushed: 24 days ago - Stars: 65 - Forks: 16
Orange-Cyberdefense/grepmarx
A source code static analysis platform for AppSec enthusiasts.
Language: Python - Size: 166 MB - Last synced: 22 days ago - Pushed: 26 days ago - Stars: 182 - Forks: 23
kaakaww/stackhawk-custom-image
Customize your own StackHawk docker images
Language: TypeScript - Size: 744 KB - Last synced: 18 days ago - Pushed: 6 months ago - Stars: 6 - Forks: 4
Checkmarx/kics
Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.
Language: Open Policy Agent - Size: 613 MB - Last synced: 24 days ago - Pushed: 24 days ago - Stars: 1,886 - Forks: 286
hupe1980/node-rasp
Simple nodejs rasp solution
Language: TypeScript - Size: 312 KB - Last synced: 24 days ago - Pushed: about 1 year ago - Stars: 0 - Forks: 0
0x646e78/sonarq
A local SonarQube scanning solution
Language: Python - Size: 18.6 KB - Last synced: 24 days ago - Pushed: over 3 years ago - Stars: 0 - Forks: 0
OWASP/www-project-machine-learning-security-top-10
OWASP Machine Learning Security Top 10 Project
Language: HTML - Size: 46.4 MB - Last synced: 10 days ago - Pushed: about 2 months ago - Stars: 57 - Forks: 18
snyk-labs/snyk-iac-pr-annotations
A POC showing how to use Snyk IaC product in PR checks
Language: TypeScript - Size: 137 KB - Last synced: 26 days ago - Pushed: about 3 years ago - Stars: 0 - Forks: 2
Soluto/kamus
An open source, git-ops, zero-trust secret encryption and decryption solution for Kubernetes applications
Language: C# - Size: 4.22 MB - Last synced: 23 days ago - Pushed: 8 months ago - Stars: 913 - Forks: 67
doyensec/Session-Hijacking-Visual-Exploitation
Session Hijacking Visual Exploitation
Language: JavaScript - Size: 1.31 MB - Last synced: 14 days ago - Pushed: 2 months ago - Stars: 179 - Forks: 14
andresriancho/w3af
w3af: web application attack and audit framework, the open source web vulnerability scanner.
Language: Python - Size: 166 MB - Last synced: 26 days ago - Pushed: about 1 year ago - Stars: 4,438 - Forks: 1,205
seal-community/patches
A centralized repository of standalone security patches for open source libraries.
Size: 804 KB - Last synced: about 1 month ago - Pushed: about 1 month ago - Stars: 177 - Forks: 0
DependencyTrack/dependency-track
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
Language: Java - Size: 94.4 MB - Last synced: 28 days ago - Pushed: 28 days ago - Stars: 2,306 - Forks: 503
DataDog/dd-trace-go
Datadog Go Library including APM tracing, profiling, and security monitoring.
Language: Go - Size: 49.9 MB - Last synced: 28 days ago - Pushed: 29 days ago - Stars: 593 - Forks: 407
klarna-incubator/gram
Gram is Klarna's own threat model diagramming tool
Language: TypeScript - Size: 10.6 MB - Last synced: 29 days ago - Pushed: 30 days ago - Stars: 170 - Forks: 8