w3af: web application attack and audit framework, the open source web vulnerability scanner.
Updated Nov 19, 2018
A vulnerable version of Rails that follows the OWASP Top 10
Updated Nov 6, 2018
Dependency-Track is an intelligent Software Composition Analysis (SCA) platform that allows organizations to identify…
Integrates Dependency-Check reports into SonarQube
Tests for race conditions in web applications. Includes a RESTful API to integrate into a continuous integration pipe…
Updated Apr 12, 2018
The YAWAST Antecedent Web Application Security Toolkit
SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabil…
Updated Nov 18, 2018
Kurukshetra - A framework for teaching secure coding by means of interactive problem solving.
Updated Oct 15, 2018
Dynamic Application Security Test Orchestration (DASTO)
Updated Sep 28, 2018
An application to assist in the organization and prioritization of software security activities.
Updated Nov 15, 2018
Simple HTML5 WebSocket fuzzer
Updated May 16, 2018
OWASP SecurityRAT - Tool for handling security requirements in development
Updated Jul 4, 2018
In progress rough solutions to bWAPP / bee-box
Updated Nov 30, 2016
Jenkins plugin for OWASP Dependency-Check. Inspects project components for known vulnerabilities (e.g. CVEs).
Updated Oct 29, 2018
A Java library for parsing and programmatically using threat models
Updated Oct 9, 2017
A simple Java command-line utility to mirror the CVE XML and JSON data from NIST.
Updated Jul 17, 2018
Integrates OWASP Zed Attack Proxy reports into SonarQube
Updated Nov 3, 2018
Анонси, програми та архів матеріалів українських конференцій з кібер-безпеки.
Updated Nov 7, 2018
Documentation for Essential Node.js Security
Updated Oct 8, 2018
Updated Jul 24, 2018
Vendor-Neutral Security Tool Automation Controller (over REST)
Updated Apr 19, 2018
Web Browser Hooking Framework. Manage, execute and assess web browser vulnerabilities
Updated Aug 2, 2018
A simple Java command-line utility to mirror the entire contents of VulnDB.
Updated May 24, 2018
Application Security Awareness Training
Updated Sep 11, 2018
Additional Resources For Securing The Stack Tutorials
Updated Sep 9, 2018
A Python client library for interfacing with Rapid7 AppSpider Enterprise.
Updated Jan 27, 2018
A list of security testing tools for containerized applications
Updated Oct 8, 2018
Sample scan files for testing DefectDojo imports
Updated Oct 23, 2018
SDL Security Development Lifecycle Practice
Updated May 7, 2017