OWASP组织创建的安全速查表,目标是帮助阅读者构建更加安全的应用程序
#安全#SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.
OWASP Zed Attack Proxy(ZAP)是世界上最受欢迎的免费安全工具之一。ZAP可以帮助我们在开发和测试应用程序过程中,自动发现 Web应用程序中的安全漏洞。另外,它也是一款提供给具备丰富经验的渗透测试人员进行人工安全测试的优秀工具。
#夺旗赛 (CTF) 和网络安全资源#OWASP Juice Shop:可能是最不安全的现代化,复杂的网站。用于漏洞学习目的,包含多种热门安全漏洞。
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
A list of web application security
Open Source Vulnerability Management Platform
8 Lessons, Kick-start Your Cybersecurity Learning.
#安全#w3af: web application attack and audit framework, the open source web vulnerability scanner.
DevSecOps, ASPM, Vulnerability Management. All on one platform.
Git All the Payloads! A collection of web attack payloads.
The parent project for OpenZiti. Here you will find the executables for a fully zero trust, application embedded, programmable network @OpenZiti
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.