The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
Updated Jul 16, 2024 - Python
Web path scanner
w3af: web application attack and audit framework, the open source web vulnerability scanner.
Open Source Vulnerability Management Platform
Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and their dependencies. CI and Git friendly.
Version 0.2 - Exploit Time-based blind-SQL injection in HTTP-Headers (MySQL/MariaDB).
This project is about creating and publishing threat model examples.
A Burp extension that generates dynamic payloads to uncover injection flaws (LFI, RCE, SQLi), creates user access tables to identify authentication and authorization issues, attempts to bypass HTTP 403 access restrictions, and converts HTTP requests into JavaScript code for enhanced XSS exploitation.
Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records.
An application to assist in the organization and prioritization of software security activities.
A library for detecting known secrets across many web frameworks
A Burp Suite Extension for pentesters and bug bounty hunters to maintain checklists, map flows, write test cases and track vulnerabilities
Intentionally Vulnerable Serverless Functions to understand the specifics of Serverless Security Vulnerabilities
Python Interactive Deepweb-oriented Rapid Intelligent Link Analyzer
CryptoNice is both a command line tool and library which provides the ability to scan and report on the configuration of SSL/TLS for your internet or internal facing web services. Built using the sslyze API and ssl, http-client and dns libraries, cryptonice collects data on a given domain and performs a series of tests to check TLS configuration…
Detects the algorithm of an input JWT token and provides options to generate a new JWT token based on the user-selected algorithm.
Course topics & links for crypto & appsec course taught in 2021