"topic:owasp" — Search

1,301 results for “topic:owasp”

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

Python31.5k4.4kUpdated 5 hours ago

application-securityappsecbest-practicescheatsheetscodeowaspsecurity

MobSF/Mobile-Security-Framework-MobSF

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

JavaScript20.5k3.6kUpdated 1 hour ago

android-securityapi-testingapkcwedevsecopsdynamic-analysisios-securitymalware-analysismastgmasvsmobile-securitymobsfmstgowasprestruntime-securitystatic-analysisweb-securitywindows-mobile-security

vitalysim/Awesome-Hacking-Resources

A collection of hacking / penetration testing resources to make you better!

16.8k2.2kUpdated just now

buffer-overflowctfexploithackingmalwaremitmowasppenetration-testingprivilege-escalationprivilege-escalation-linuxreverse-engineeringwindows-privilege-escalation

owasp-amass/amass

In-depth attack surface mapping and asset discovery

Go14.2k2.1kUpdated 4 hours ago

attack-surfacesdnsenumerationgogolanginformation-gatheringmaltegonetwork-securityosintosint-reconnaissanceowaspreconsubdomain

juice-shop/juice-shop

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

TypeScript12.7k16.7kUpdated just now

24pullrequestsapplication-securityappsecctfhackinghacktoberfestjavascriptowaspowasp-top-10owasp-top-tenpentestingsecurityvulnappvulnerable

OWASP/wstg

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

8.9k1.6kUpdated 4 hours ago

application-securityappsecbest-practicesbugbountyguidehackinghacktoberfestowasppenetration-testingpentestingsecurity

paragonie/awesome-appsec

A curated list of resources for learning about application security

PHP6.8k788Updated 1 hour ago

application-securitycuratedowaspreading-listsecuritysecurity-experts

infoslack/awesome-web-hacking

A list of web application security

6.8k1.3kUpdated 11 hours ago

appsechackinghacking-toolsmetasploitowasppenetration-testingpentestingscannersecurityvulnerabilitiesvulnerabilityweb-hackingweb-security

urbanadventurer/WhatWeb

Next generation web scanner

Ruby6.5k980Updated 2 hours ago

application-securityappsechackinghacking-toolskali-linuxnetwork-securityowasppenetration-testpenetration-testingpenetration-testing-toolspentestpentestingpentesting-toolsreconrubyscannersecuritysecurity-toolswebweb-hacking

madhuakula/kubernetes-goat

Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀

HTML5.4k958Updated 12 hours ago

blueteamcloud-nativecloud-securitycloudsecuritycontainercontainer-securitydevsecopsdockerhackinginfrastructurek8skuberneteskubernetes-goatkubernetes-securityowasppentestingredteamsecurityvulnerable-app

OWASP/Nettacker

Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management

Python4.9k1.0kUpdated 5 hours ago

automationbruteforcecvehacking-toolsinformation-gatheringnetwork-securityowasppenetration-testingpenetration-testing-frameworkpentestingpentesting-toolsportscannerpythonreconscannersecuritysecurity-toolsvulnerability-managementvulnerability-scannervulnerability-scanners

DefectDojo/django-DefectDojo

Open-Source Unified Vulnerability Management, DevSecOps & ASPM

HTML4.6k1.8kUpdated 3 hours ago

analyticsappsecautomationdevsecopsdjangohacktoberfestkubernetesowasppythonsecuritysecurity-automationsecurity-orchestrationvulnerability-correlationvulnerability-databasesvulnerability-management

DependencyTrack/dependency-track

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Java3.6k711Updated just now

appsecbill-of-materialsbomcomponent-analysiscyclonedxdevsecopshacktoberfestnvdossindexowasppackage-urlpurlsbomscasecuritysecurity-automationsoftware-composition-analysissoftware-securityvulnerabilitiesvulnerability-detection

microcosm-cc/bluemonday

bluemonday: a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS

Go3.6k195Updated 2 days ago

allowlistgogolanghtmlowaspsanitizationsecurityxss

husnainfareed/awesome-ethical-hacking-resources

😎 🔗 Awesome list about all kinds of resources for learning Ethical Hacking and Penetration Testing.

3.4k534Updated 11 hours ago

awesomeawesome-listctfethical-hackinghackinghacking-resourceshacktoberfestlearning-hackingowasppenetration-testingresourcesvulnerable-applicationsweb-hacking

corazawaf/coraza

OWASP Coraza WAF is a golang modsecurity compatible web application firewall library

Go3.3k310Updated just now

corazacoraza-wafcorerulesetgogolanghacktoberfesthttpmodsecurityowaspowasp-crswafweb-application-firewall

coreruleset/coreruleset

OWASP CRS (Official Repository)

Python3.0k445Updated 1 hour ago

crsowasprulesetsecuritywaf

lirantal/awesome-nodejs-security

Awesome Node.js Security resources

3.0k275Updated 2 days ago

awesomeawesome-listcybersecurityhacktoberfestinfosecnodejsowasppentestsecurityvulnerabilitiesweb-security

flipkart-incubator/Astra

Automated Security Testing For REST API's

Python2.6k411Updated 1 week ago

ci-cdowasppenetration-testingpenetration-testing-frameworkpostman-collectionpythonrestapiautomationsdlcsecuritysecurity-automation

Bearer/bearer

Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.

Go2.6k143Updated 12 hours ago

appseccode-qualitycompliancedataflowdevsecopsdevsecops-toolsgdprowaspprivacysastsecuritysecurity-auditsecurity-automationsecurity-scannersecurity-toolsstatic-analysisstatic-code-analysisvulnerabilitiesvulnerability

phongnguyend/Practical.CleanArchitecture

Full-stack .Net 10 Clean Architecture (Microservices, Modular Monolith, Monolith), Blazor, Angular 21, React 19, Vue 3.5, BFF with YARP, NextJs 16, Domain-Driven Design, CQRS, SOLID, Asp.Net Core Identity Custom Storage, OpenID Connect, EF Core, OpenTelemetry, SignalR, Background Services, Health Checks, Rate Limiting, Clouds (Azure, AWS, GCP), ...

C#2.4k608Updated 3 days ago

angularawsazureblazorclean-architecturecqrsdevopsdockerdomain-driven-designkafkakubernetesmicroservicesoauth2opentelemetryowasprabbitmqreactjssignalrvuejs

find-sec-bugs/find-sec-bugs

The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)

Java2.4k480Updated 1 week ago

bytecodecode-analysiscwefindbugshacktoberfestjavaowaspsecuritysecurity-auditstatic-analysistaint-analysis

OWASP/masvs

The OWASP MASVS (Mobile Application Security Verification Standard) is the industry standard for mobile app security.

Python2.3k642Updated 1 day ago

android-appauditgitbookios-appmastgmasvsmobilemstgowasppenetration-testingpenetration-testssecuritysecurity-auditsecurity-standardsstandardverification

OWASP/DevGuide

The OWASP Developer Guide

2.1k403Updated 6 hours ago

owaspowasp-developer-guide

0xRadi/OWASP-Web-Checklist

OWASP Web Application Security Testing Checklist

2.1k407Updated 7 hours ago

bugbountychecklistowaspsecuritysecurity-toolssecurity-vulnerabilitytesting

cossacklabs/themis

Easy to use cryptographic framework for data protection: secure messaging with forward secrecy and secure data storage. Has unified APIs across 14 platforms.

C2.0k156Updated 6 days ago

asymmetric-cryptographyauthenticationcryptographycryptography-libraryencryptiongolangiosjavajavascriptobjective-cowaspphppythonrubyrustsecure-messengersecure-storagesecurityswiftsymmetric-cryptography

owtf/owtf

Offensive Web Testing Framework (OWTF), is a framework which tries to unite great tools and make pen testing more efficient http://owtf.org https://twitter.com/owtfp

TypeScript1.9k481Updated 2 days ago

frameworkkali-linuxowaspowtfpentestpythonsecurityweb-application-security

xalgord/Massive-Web-Application-Penetration-Testing-Bug-Bounty-Notes

A comprehensive guide for web application penetration testing and bug bounty hunting, covering methodologies, tools, and resources for identifying and exploiting vulnerabilities.

1.8k293Updated 4 hours ago

bug-bountybugbountybugbountytipscollectionethical-hackinghackingowaspowasp-top-10resourcesxalgord

1N3/BlackWidow

A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.

Python1.8k390Updated 4 days ago

activeapplicationautomatedbugbountycsrffuzzerlfiosintowasppassivepythonrcerfiscanscannerspidersqlivulnerabilitywebxss

wallarm/gotestwaf

An open-source project in Golang to asess different API Security tools and WAF for detection logic and bypasses

Go1.8k253Updated 1 day ago

api-securitybugbountygraphql-securitygrpc-securityowasprest-securitysecuritysecurity-testingsecurity-toolswafweb-application-firewallweb-application-security

Page 1 of 34