"topic:secure-coding" — Search

281 results for “topic:secure-coding”

APKHunt is a comprehensive static code analysis tool for Android apps that is based on the OWASP MASVS framework. Although APKHunt is intended primarily for mobile app developers and security testers, it can be used by anyone to identify and address potential security vulnerabilities in their code.

Go958102Updated 17 hours ago

android-securityapkhuntcode-reviewinformation-securityinfosecmasvsmobile-sec-androidmstgowaspowasp-mobile-toppenetration-testingpentestpentestingpentesting-toolssastsecure-codingsecuritysecurity-toolsstatic-analysisstatic-analyzer

blabla1337/skf-flask

Security Knowledge Framework (SKF) Python Flask / Angular project

HTML827306Updated 1 month ago

owasp-skfsecure-by-defaultsecure-codingsecuritysecurity-auditsecurity-frameworksecurity-hardeningsecurity-knowledgesecurity-requirementssecurity-standardssecurity-training

ANSSI-FR/rust-guide

Recommendations for secure applications development with Rust

Rust63651Updated 4 days ago

good-practicesrecommendationsrustsecure-coding

Commando-X/vuln-bank

A deliberately vulnerable banking application designed for practicing Security Testing of Web App, APIs, AI integrated App and secure code reviews. Features common vulnerabilities found in real-world applications, making it an ideal platform for security professionals, developers, and enthusiasts to learn pentesting and secure coding practices.

Python602219Updated 8 hours ago

ai-securityapisecurityapplication-securitydevsecopspenetration-testingsecure-coding

OWASP/SecureCodingDojo

The Secure Coding Dojo is a platform for delivering secure coding knowledge.

PHP596158Updated 1 week ago

owaspsecure-codingtraining-portal

joswha/Secure-Coding-HandbookArchived

Web Application Secure Coding Handbook resource.

35047Updated 3 weeks ago

appsecurityblueteamowaspsecure-codingsecure-coding-practicessecuritywebappsecurity

OWASP/RiskAssessmentFrameworkArchived

The Secure Coding Framework

TypeScript272108Updated 1 week ago

devsecopsowasp-rafsecure-codingstatic-application-security-tool

abougouffa/awesome-coding-standards

Collection of C and C++ Coding Standards

20442Updated 1 month ago

autosarautosar-cppawesomeawesome-listbarr-cccert-ccert-cppcoding-standardscppdocumentshi-cppjpl-cjsf-avmisra-csecure-codingsei-cert

xoxruns/deadend-cli

Agentic pentest tooling. Currently achieving around 78% on XBOW's benchmark in full black-box. Completely Self-hosted. Every model available on LiteLLM (Ollama, anthropic, openai...)

Python19633Updated 9 hours ago

agentic-aiaicybersecuritycybersecurity-toolsoffensive-securitypentestingsecure-coding

a0xnirudh/kurukshetra

Kurukshetra - A framework for teaching secure coding by means of interactive problem solving.

PHP14022Updated 9 months ago

appsecinfosecphpsecure-codingsecurity

cybrota/whispr

A multi-vault secret injection tool for safely injecting secrets into app environment

Python1333Updated 1 week ago

aws-secrets-managerazure-keyvaultcommand-line-toolcybersecuritydeveloper-experiencedevops-toolsdevsecopsgcp-secrets-managerhashicorp-vaultpythonsecure-codingsecure-software-developmentsecuritysecurity-tools

apiiro/combobulator

Dependency Combobulator

Python957Updated 2 months ago

dependency-confusionsdlcsecure-codingsecurity

paulveillard/cybersecurity-architecture

An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Repositories, technical guidelines and important resources about Software & Systems Architecture in Cybersecurity

7220Updated 1 day ago

cybersecurity-educationdesign-patternsdesign-thinkingdesignerhigh-availabilityhigh-performance-computingmetricsperformance-monitoringscalabilityscalescale-upsecure-backupsecure-bootsecure-by-defaultsecure-by-designsecure-codingsecure-computationsecure-storagesecurity-in-artificial-intelligencesoftware-engineering

nxenon/DevSecOps

♾️ Collection of DevSecOps Notes + Resources + Courses + Tools

Python707Updated 2 months ago

defectdojodependency-trackdevsecopsdevsecops-best-practicesdevsecops-notesdevsecops-resourcesiastsastsbomsdlcsecret-managementsecure-codingsecure-developmentsoftware-bill-of-materialsoftware-composition-analysisstatic-analysis-security-testingthreat-modelthreat-modeling

convisolabs/CVWA

Conviso Vulnerable Web Application is the OSS project from the Conviso Application Security for the community. The project represents a vulnerable web application to practice security testing and improve your learning in AppSec..

HTML6337Updated 1 month ago

educationhacktoberfesthtmlowaspphpsecure-codingvulnerable-app

Fortiphyd/Secure_PLC_Coding

Documentation and guidance to practice secure coding for various PLC vendors

429Updated 1 week ago

ics-securityot-securityplc-programmingsecure-coding

dowjones/reapsaw

Reapsaw is a continuous security devsecops tool, which helps in enabling security into CI/CD Pipeline. It supports coverage for multiple programming languages.

Python4115Updated 1 year ago

appseccontinuous-securitydevsecopssecure-coding

SecuringTheStack/tutorials

Additional Resources For Securing The Stack Tutorials

JavaScript4018Updated 1 year ago

appsecappsec-tutorialscybersecurityinfosecowaspsecure-codingtutorialswebsec

s4dhul4bs/vimana-framework

Vimana is an experimental security tool that aims to provide resources for auditing Python web applications.

385Updated 3 months ago

analysisaudit-toolsdiscoverydjangodjango-applicationdjango-rest-frameworkexception-flowexception-handlingexperimentalhackinghacking-toolissue-trackerpythonpython3secure-codingsecurity-auditsecurity-frameworksecurity-toolsvimanavimana-framework

cybersecsi/invisible-backdoor-detector

A quick script to spot the usage of Unicode Bidi (bidirectional) characters that could lead to an Invisible Backdoor

Python346Updated 9 months ago

homoglyphinvisibleinvisible-backdoorinvisible-trojanobfuscationsecure-codingunicode

GVishnudhasan/NoDueProject

An automated system for requesting and approving no-due certificates for students at the end of each semester for universities and colleges.

TypeScript3048Updated 1 month ago

angularcollaboratecollege-projectcommunityexchangegithubhacktoberfestjavascriptlearnmean-stackmongodbnodejsowasp-top-10secure-coding

0x4m4/buffer-overflow-lab

A controlled environment for demonstrating and understanding buffer overflow vulnerabilities in web applications. This project is designed for educational purposes as part of secure software development training.

Python253Updated 2 weeks ago

0x4m4buffer-overflowbuffer-overflow-attackcybersecurityexploitpython-projectssecure-codingsecure-software-developmentuniversity-project

Irench1k/unsafe-code

Hands-on secure code review training: learn to find vulnerabilities in Flask, Django, FastAPI through production-quality examples. Whitebox pentesting for modern web frameworks.

Python242Updated 1 day ago

api-securityappseccode-reviewcybersecurity-educationhackingpentestingsecure-codingsecurity-researchsecurity-trainingunsafe-codevulnerable-web-appweb-application-securityweb-securitywhitebox-testing

annaluizando/blindspot

A terminal interactive game designed to train yourself to identify insecure coding practices.

Go220Updated 1 month ago

appsecinfosecsecure-code-reviewsecure-codingsecurity

slowcoder360/vibesafe

Secure your code in seconds. VibeSafe is an AI-native DevSecOps CLI tool that detects vulnerabilities, secrets, insecure configs, and hallucinated dependencies before they ship.

TypeScript217Updated 4 days ago

ai-securitycli-tooldevsecopsjavascript-securitynpm-packageopen-source-securitysecure-codingsecure-installsupply-chain-securityvulnerability-detectionvulnerability-scanners

SagarBiswas-MultiHAT/SecurePay_E-Wallet-V1

Local PHP/MySQL e-wallet application combined with a hands-on cybersecurity demo lab. Implements user/admin auth, balances, transfers, CSRF protection, session timeouts, login lockout, and hashing. Includes a toggleable Vulnerable/Secure lab to demonstrate XSS and session hijacking with real code and mitigations.

PHP190Updated 1 week ago

authentication-securitycsrf-protectioncybersecurity-demoe-walletethical-hackinglearning-projectphp-mysqlsecure-codingsession-hijackingsession-managementvulnerable-web-appweb-security-labxss-demo

sbaresearch/slibc

Implementation of C11 Annex K "Bounds-checking interfaces" ISO/IEC 9899:2011

C196Updated 3 months ago

buffer-overflowcsecure-by-defaultsecure-codingstring-manipulation

SagarBiswas-MultiHAT/XSS-WebGuard

A client-side web security tool that sanitizes potentially malicious HTML and JavaScript input by stripping unsafe tags and event attributes. Designed to demonstrate XSS prevention concepts, safe input handling, and frontend security practices using pure HTML, CSS, and JavaScript in a beginner-friendly interface.

JavaScript180Updated 2 weeks ago

cybersecurity-learningethical-hackingfrontend-securityhtml-css-javascriptinput-sanitizationjavascript-securitysecure-codingsecurity-toolsweb-securityxss-prevention

agamm/claude-code-owasp

Claude Code skill for OWASP security best practices (2025-2026). Includes Top 10:2025, ASVS 5.0, Agentic AI security, and 20+ language-specific security quirks.

161Updated 1 day ago

ai-securityappsecasvsclaudeclaude-codeclaude-skillsowaspsecure-codingsecurityvulnerability

ShahVandit8/fortifying_PHP

Secure Coding Practices for PHP – A white paper and code snippets on best practices for securing PHP applications, covering input validation, authentication, encryption, and more. 🔒🚀

PHP151Updated 5 months ago

best-practicescyber-securitycyber-threatscybersecurityphpphp-cybersecurityphp-securityphp7php8secure-codingsecure-phpsecure-web-apps

Page 1 of 10