Ecosyste.ms: Repos

An open API service providing repository metadata for many open source software ecosystems.

GitHub topics: owasp

Repositories

OWASP/crAPI

completely ridiculous API (crAPI)

Language: Java - Size: 4.1 MB - Last synced: 25 minutes ago - Pushed: about 21 hours ago - Stars: 981 - Forks: 303

I love to teach dotnet concepts in a simple way with real world examples to people who aspire to to be a dotnet developer. I also help developers to refresh their memory with easy to understand analogy.

Language: HTML - Size: 1.25 GB - Last synced: about 5 hours ago - Pushed: about 6 hours ago - Stars: 94 - Forks: 4

webpwnized/mutillidae

OWASP Mutillidae II is a free, open-source, deliberately vulnerable web application providing a target for web-security training. This is an easy-to-use web hacking environment designed for labs, security enthusiasts, classrooms, CTF, and vulnerability assessment tool targets.

Language: PHP - Size: 9.89 MB - Last synced: about 12 hours ago - Pushed: about 13 hours ago - Stars: 1,184 - Forks: 390

owasp-amass/amass

In-depth attack surface mapping and asset discovery

Language: Go - Size: 349 MB - Last synced: about 15 hours ago - Pushed: about 1 month ago - Stars: 11,286 - Forks: 1,827

CycloneDX/cyclonedx-go

Go library to consume and produce CycloneDX Software Bill of Materials (SBOM)

Language: Go - Size: 690 KB - Last synced: about 16 hours ago - Pushed: about 18 hours ago - Stars: 64 - Forks: 27

webpwnized/mutillidae-dockerhub

OWASP Mutillidae II is a free, open-source, deliberately vulnerable web application providing a target for web-security enthusiasts.

Language: Shell - Size: 23.4 KB - Last synced: about 18 hours ago - Pushed: about 19 hours ago - Stars: 10 - Forks: 9

CycloneDX/cyclonedx-node-npm

Create CycloneDX Software Bill of Materials (SBOM) from Node.js NPM projects.

Language: TypeScript - Size: 19.4 MB - Last synced: about 16 hours ago - Pushed: about 19 hours ago - Stars: 61 - Forks: 16

OWASP/www-project-secure-headers

The OWASP Secure Headers Project

Language: Python - Size: 36.4 MB - Last synced: about 18 hours ago - Pushed: about 19 hours ago - Stars: 123 - Forks: 35

dschadow/JavaSecurity

Java web and command line applications demonstrating various security topics

Language: Java - Size: 2.37 MB - Last synced: about 18 hours ago - Pushed: about 19 hours ago - Stars: 232 - Forks: 114

northwood-labs/csp-parser

Parser and evaluator for Content Security Policy directives.

Language: Go - Size: 56.6 KB - Last synced: about 20 hours ago - Pushed: about 21 hours ago - Stars: 0 - Forks: 0

SecurityRAT/SecurityRAT

OWASP SecurityRAT (version 1.x) - Tool for handling security requirements in development

Language: JavaScript - Size: 16 MB - Last synced: about 21 hours ago - Pushed: 4 months ago - Stars: 164 - Forks: 50

OWASP/CheatSheetSeries

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

Language: Python - Size: 1.48 GB - Last synced: about 20 hours ago - Pushed: about 22 hours ago - Stars: 26,690 - Forks: 3,751

Bearer/bearer

Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.

Language: Go - Size: 22.7 MB - Last synced: about 18 hours ago - Pushed: about 22 hours ago - Stars: 1,774 - Forks: 81

OWASP/www-project-thick-client-application-security-verification-standard

OWASP Thick Client Application Security Verification Standard

Language: HTML - Size: 193 KB - Last synced: about 8 hours ago - Pushed: 1 day ago - Stars: 4 - Forks: 0

secureCodeBox/secureCodeBox

secureCodeBox (SCB) - continuous secure delivery out of the box

Language: JavaScript - Size: 65.4 MB - Last synced: about 24 hours ago - Pushed: 1 day ago - Stars: 728 - Forks: 146

OWASP/wrongsecrets

Vulnerable app with examples showing how to not use secrets

Language: Java - Size: 80.8 MB - Last synced: about 9 hours ago - Pushed: 13 days ago - Stars: 1,157 - Forks: 274

infoslack/awesome-web-hacking

A list of web application security

Size: 139 KB - Last synced: 1 day ago - Pushed: 2 months ago - Stars: 5,459 - Forks: 1,166

webpwnized/mutillidae-docker

OWASP Mutillidae II is a free, open-source, deliberately vulnerable web application providing a target for web-security enthusiasts.

Language: Dockerfile - Size: 127 KB - Last synced: about 16 hours ago - Pushed: 1 day ago - Stars: 69 - Forks: 33

Baroshem/nuxt-security

🛡 Automatically configure your app to follow OWASP security patterns and principles by using HTTP Headers and Middleware

Language: TypeScript - Size: 4.36 MB - Last synced: 1 day ago - Pushed: 1 day ago - Stars: 715 - Forks: 52

CycloneDX/cyclonedx-rust-cargo

Creates CycloneDX Software Bill of Materials (SBOM) from Rust (Cargo) projects

Language: Rust - Size: 2.31 MB - Last synced: 1 day ago - Pushed: 1 day ago - Stars: 77 - Forks: 37

OWASP/www-project-vulnerable-web-applications-directory

The OWASP Vulnerable Web Applications Directory (VWAD) Project - OWASP Web Site

Language: HTML - Size: 1.22 MB - Last synced: 2 days ago - Pushed: 2 days ago - Stars: 16 - Forks: 22

OWASP/OWASP-VWAD

The OWASP Vulnerable Web Applications Directory project (VWAD) is a comprehensive and well maintained registry of all known vulnerable web applications currently available.

Size: 274 KB - Last synced: 2 days ago - Pushed: 2 days ago - Stars: 825 - Forks: 212

Whyiest/Juice-Shop-Write-up

Non-official write up for the Juice-Shop CTF

Language: Python - Size: 48 MB - Last synced: 2 days ago - Pushed: 2 days ago - Stars: 1 - Forks: 0

paragonie/awesome-appsec

A curated list of resources for learning about application security

Language: PHP - Size: 188 KB - Last synced: 1 day ago - Pushed: 8 months ago - Stars: 6,126 - Forks: 726

insidersec/insider

Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).

Language: Go - Size: 4.39 MB - Last synced: 1 day ago - Pushed: about 2 years ago - Stars: 490 - Forks: 80

0xKayala/OWASP-Secure-Coding-Checklist Fork of pages-themes/hacker

OWASP Secure Coding Practices Checklist

Language: SCSS - Size: 181 KB - Last synced: 1 day ago - Pushed: 2 days ago - Stars: 0 - Forks: 0

Stuub/CVE-2024-29895-CactiRCE-PoC

CVE-2024-29895 PoC - Exploiting remote command execution in Cacti servers using the 1.3.X DEV branch builds

Language: Python - Size: 4.88 KB - Last synced: 2 days ago - Pushed: 3 days ago - Stars: 1 - Forks: 0

austimkelly/swiss-cheese

A demo repository of simple OWASP Top 10 type of vulnerabilities in (mostly) Python. Includes an exploration of GHAS features.

Language: Python - Size: 640 KB - Last synced: 2 days ago - Pushed: 3 days ago - Stars: 2 - Forks: 23

domain-protect/domain-protect

OWASP Domain Protect - prevent subdomain takeover

Language: Python - Size: 18.8 MB - Last synced: 1 day ago - Pushed: 3 days ago - Stars: 370 - Forks: 58

OWASP/vbscan

OWASP VBScan is a Black Box vBulletin Vulnerability Scanner

Language: Perl - Size: 97.7 KB - Last synced: 2 days ago - Pushed: almost 5 years ago - Stars: 322 - Forks: 119

OWASP/OFFAT

The OWASP OFFAT tool autonomously assesses your API for prevalent vulnerabilities, though full compatibility with OAS v3 is pending. The project remains a work in progress, continuously evolving towards completion.

Language: Python - Size: 6 MB - Last synced: 2 days ago - Pushed: 2 days ago - Stars: 277 - Forks: 37

OWASP/owasp-masvs

The OWASP MASVS (Mobile Application Security Verification Standard) is the industry standard for mobile app security.

Language: Python - Size: 109 MB - Last synced: 2 days ago - Pushed: 3 days ago - Stars: 1,946 - Forks: 420

OWASP/www-project-csrfguard

The aim of this project is to protect Java applications against CSRF attacks with the use of Synchronizer Tokens

Language: Java - Size: 3.65 MB - Last synced: 2 days ago - Pushed: 3 days ago - Stars: 71 - Forks: 37

CycloneDX/cyclonedx-python-lib

Python implementation of OWASP CycloneDX

Language: Python - Size: 2.51 MB - Last synced: 2 days ago - Pushed: 3 days ago - Stars: 59 - Forks: 30

juice-shop/juice-shop-ctf

Tool to export Juice Shop challenges and hints in data format compatible with CTFd, RootTheBox or FBCTF

Language: JavaScript - Size: 3.63 MB - Last synced: 2 days ago - Pushed: about 2 months ago - Stars: 395 - Forks: 108

corazawaf/coraza

OWASP Coraza WAF is a golang modsecurity compatible web application firewall library

Language: Go - Size: 29 MB - Last synced: 2 days ago - Pushed: 2 days ago - Stars: 1,853 - Forks: 194

CycloneDX/cyclonedx-core-java

CycloneDX SBOM Model and Utils for Creating and Validating BOMs

Language: Java - Size: 14.8 MB - Last synced: 2 days ago - Pushed: 3 days ago - Stars: 68 - Forks: 54

anecaj/Social-Engineering-Paper

Risk Management for Information Security

Size: 4.76 MB - Last synced: 3 days ago - Pushed: 4 days ago - Stars: 1 - Forks: 0

vitalysim/Awesome-Hacking-Resources

A collection of hacking / penetration testing resources to make you better!

Size: 269 KB - Last synced: 3 days ago - Pushed: 2 months ago - Stars: 14,745 - Forks: 2,080

Stuub/CVE-2024-4040-SSTI-LFI-PoC

CVE-2024-4040 CrushFTP SSTI LFI & Auth Bypass | Full Server Takeover | Wordlist Support

Language: Python - Size: 53.7 KB - Last synced: 4 days ago - Pushed: 5 days ago - Stars: 20 - Forks: 6

rfc-st/humble

A humble, and 𝗳𝗮𝘀𝘁, security-oriented HTTP headers analyzer.

Language: Python - Size: 13.2 MB - Last synced: 3 days ago - Pushed: 4 days ago - Stars: 145 - Forks: 15

svelte-u/sveltekit-security

A package that helps you secure your Sveltekit apps with ease. It provides you with tools and best practices to prevent common security risks and vulnerabilities.

Language: TypeScript - Size: 44.9 KB - Last synced: 1 day ago - Pushed: 6 months ago - Stars: 3 - Forks: 0

cloudcomponents/cdk-constructs

A collection of higher-level reusable cdk constructs

Language: TypeScript - Size: 10.2 MB - Last synced: about 1 month ago - Pushed: about 1 month ago - Stars: 611 - Forks: 102

OWASP/www-project-asvs-security-evaluation-templates-with-nuclei

OWASP ASVS Security Evaluation Templates with Nuclei

Language: HTML - Size: 124 KB - Last synced: 4 days ago - Pushed: 5 days ago - Stars: 9 - Forks: 2

rameshsunkara/go-rest-api-example

Enterprise ready REST API microservice in golang

Language: Go - Size: 223 KB - Last synced: 4 days ago - Pushed: 4 days ago - Stars: 61 - Forks: 14

find-sec-bugs/find-sec-bugs

The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)

Language: Java - Size: 7.35 MB - Last synced: about 23 hours ago - Pushed: 18 days ago - Stars: 2,209 - Forks: 464

CycloneDX/cyclonedx.org

Public website

Language: HTML - Size: 39.9 MB - Last synced: 4 days ago - Pushed: 5 days ago - Stars: 8 - Forks: 72

daveshanley/vacuum

vacuum is the worlds fastest OpenAPI 3, OpenAPI 2 / Swagger linter and quality analysis tool. Built in go, it tears through API specs faster than you can think. vacuum is compatible with Spectral rulesets and generates compatible reports.

Language: Go - Size: 25.1 MB - Last synced: 5 days ago - Pushed: 9 days ago - Stars: 435 - Forks: 34

owaspsamm/website

The OWASP SAMM Website

Language: HTML - Size: 73.3 MB - Last synced: 5 days ago - Pushed: 5 days ago - Stars: 6 - Forks: 9

OWASP/www-project-top-10-low-code-no-code-security-risks

OWASP Low-Code/No-Code Top 10

Language: HTML - Size: 406 KB - Last synced: 5 days ago - Pushed: 5 days ago - Stars: 62 - Forks: 23

Snbig/Vulnerable-Pages

Intentionally Vulnerable Pages for OWASP ASVS Security Evaluation Templates with Nuclei Project.

Language: Python - Size: 145 KB - Last synced: 4 days ago - Pushed: 5 days ago - Stars: 1 - Forks: 0

theredditbandit/awesome-cybersec

A collection of awesome platforms, blogs, documents, books, resources and cool stuff about security

Size: 92.8 KB - Last synced: 3 days ago - Pushed: 3 months ago - Stars: 173 - Forks: 26

RAJANAGORI/Nightingale

It's a Docker Environment for Pentesting which having all the required tool for VAPT.

Language: Dockerfile - Size: 109 MB - Last synced: 6 days ago - Pushed: 7 days ago - Stars: 198 - Forks: 28

Sharpforce/cybersecurity

GitHub for my GitBook : https://sharpforce.gitbook.io/cybersecurity/

Size: 55.9 MB - Last synced: 7 days ago - Pushed: 7 days ago - Stars: 4 - Forks: 0

CycloneDX/cyclonedx-cli

CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.

Language: C# - Size: 592 KB - Last synced: 7 days ago - Pushed: 7 days ago - Stars: 256 - Forks: 56

CycloneDX/cyclonedx-php-library

PHP Implementation of OWASP CycloneDX Bill of Materials (BOM)

Language: PHP - Size: 2.39 MB - Last synced: 7 days ago - Pushed: 7 days ago - Stars: 6 - Forks: 0

OWASP/DevSecOpsGuideline

The OWASP DevSecOps Guideline can help us to embedding security as a part of the development pipeline.

Language: Python - Size: 10 MB - Last synced: 6 days ago - Pushed: 15 days ago - Stars: 744 - Forks: 171

coreruleset/template-plugin

Example plugin template to be used together with the OWASP CRS

Size: 26.4 KB - Last synced: 8 days ago - Pushed: 8 days ago - Stars: 0 - Forks: 5

CycloneDX/sbom-utility

Utility that provides an API platform for validating, querying and managing BOM data

Language: Go - Size: 9.8 MB - Last synced: 7 days ago - Pushed: 8 days ago - Stars: 68 - Forks: 10

ytisf/BirDuster

A multi threaded Python script designed to brute force directories and files names on webservers.

Language: Python - Size: 17.6 KB - Last synced: 6 days ago - Pushed: almost 2 years ago - Stars: 74 - Forks: 18

globaldatanet/aws-firewall-factory

Easily improve the security of your web applications with aws firewall factory. Protect your valuable assets with seamless WAF deployment, updates, and staging, all efficiently managed centrally with Firewall Manager.

Language: TypeScript - Size: 27 MB - Last synced: 8 days ago - Pushed: 12 days ago - Stars: 221 - Forks: 21

ricsirigu/Top10 Fork of OWASP/Top10

Official OWASP Top 10 Document Repository

Language: HTML - Size: 248 MB - Last synced: 10 days ago - Pushed: 10 days ago - Stars: 2 - Forks: 1

OtherDevOpsGene/zap-sonar-plugin

Integrates OWASP Zed Attack Proxy reports into SonarQube

Language: HTML - Size: 1.42 MB - Last synced: 5 days ago - Pushed: 7 months ago - Stars: 67 - Forks: 29

tHeStRyNg/ars0n-framework Fork of R-s0n/ars0n-framework

A Cyber-Security Framework for Bounty Hunting

Language: JavaScript - Size: 26.1 MB - Last synced: 10 days ago - Pushed: 10 days ago - Stars: 1 - Forks: 0

CloudIDEaaS/CloudIDEaaSWAF

CloudIDEaaS WAF is a Web Application Firewall product that supports the industry standard OWASP ruleset. It is A.I. and configuration-driven, cloud native, and extensible. It is community open-sourced, supports IP and GEO fencing, and can support reverse proxy cloud, on-premise, in process, or appliance.

Language: HTML - Size: 206 MB - Last synced: 10 days ago - Pushed: 15 days ago - Stars: 2 - Forks: 0

MediaMarktSaturn/helm-charts

Helm charts maintained and used by the MMS Technology team.

Language: Smarty - Size: 356 KB - Last synced: 11 days ago - Pushed: 11 days ago - Stars: 11 - Forks: 0

dradis/dradis-zap

ZAP plugin for the Dradis Framework

Language: Ruby - Size: 92.8 KB - Last synced: 5 days ago - Pushed: 11 days ago - Stars: 4 - Forks: 1

DefectDojo/django-DefectDojo

DevSecOps, ASPM, Vulnerability Management. All on one platform.

Language: HTML - Size: 138 MB - Last synced: about 1 month ago - Pushed: about 1 month ago - Stars: 3,370 - Forks: 1,447

Accruent/owasp-zap-historic-parser

Language: HTML - Size: 427 KB - Last synced: 12 days ago - Pushed: 12 days ago - Stars: 4 - Forks: 1

CycloneDX/cyclonedx-python

CycloneDX Software Bill of Materials (SBOM) generator for Python projects and environments

Language: Python - Size: 2.12 MB - Last synced: 16 days ago - Pushed: 17 days ago - Stars: 210 - Forks: 61

mrgr4yhat/Vulnerable-Web-App

The main goal of VWA is to provide a hands-on experience for security rookies on vulnerable web applications available for practicing and learning, so that they can attack realistic web environments… without going to jail :)

Language: PHP - Size: 135 KB - Last synced: 7 days ago - Pushed: 8 months ago - Stars: 3 - Forks: 1

CycloneDX/cyclonedx-gomod

Creates CycloneDX Software Bill of Materials (SBOM) from Go modules

Language: Go - Size: 4.37 MB - Last synced: 12 days ago - Pushed: 12 days ago - Stars: 124 - Forks: 21

jenkinsci/dependency-track-plugin

Main repository for the official Dependency-Track Jenkins plugin

Language: Java - Size: 5.61 MB - Last synced: 12 days ago - Pushed: 12 days ago - Stars: 41 - Forks: 27

OWASP/www-project-developer-guide

OWASP Project Developer Guide - Document and Project Web pages

Language: HTML - Size: 16 MB - Last synced: 17 days ago - Pushed: 17 days ago - Stars: 52 - Forks: 9

actuator/Android-Security-Exploits-YouTube-Curriculum

🔓A curated list of modern Android exploitation conference talks.

Size: 98.6 KB - Last synced: 13 days ago - Pushed: 14 days ago - Stars: 392 - Forks: 30

alphaSeclab/awesome-cyber-security Fork of xrkk/awesome-cyber-security

[Draft]Awesome Cyber Security Resource Collection. Currently contains 8000+ open source repositories, and not very well classified. For each repository, extra info included: star count, commit count, last update time. This is the DRAFT version.

Size: 3.49 MB - Last synced: 4 days ago - Pushed: over 4 years ago - Stars: 445 - Forks: 117

OWASP/threat-dragon

An open source threat modeling tool from OWASP

Language: JavaScript - Size: 130 MB - Last synced: 17 days ago - Pushed: 20 days ago - Stars: 814 - Forks: 214

OWASP/Nettacker

Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management

Language: Python - Size: 8.23 MB - Last synced: 17 days ago - Pushed: 22 days ago - Stars: 2,959 - Forks: 697

phongnguyend/Practical.CleanArchitecture

Full-stack .Net 8 Clean Architecture (Microservices, Modular Monolith, Monolith), Blazor, Angular 17, React 18, Vue 3, BFF with YARP, Domain-Driven Design, CQRS, SOLID, Asp.Net Core Identity Custom Storage, OpenID Connect, Entity Framework Core, Selenium, SignalR, Hosted Services, Health Checks, Rate Limiting, Cloud Services (Azure, AWS, Google)...

Language: C# - Size: 71.2 MB - Last synced: 13 days ago - Pushed: 14 days ago - Stars: 1,916 - Forks: 493