OWASP组织创建的安全速查表,目标是帮助阅读者构建更加安全的应用程序
MobSF (移动端安全框架)是一个自动化的移动端应用程序(Android/iOS/Windows)安全问题检出的框架和工具,可以进行静态和动态分析的渗透测试,恶意软件分析和安全评估
#夺旗赛 (CTF) 和网络安全资源#A collection of hacking / penetration testing resources to make you better!
In-depth attack surface mapping and asset discovery
#夺旗赛 (CTF) 和网络安全资源#OWASP Juice Shop:可能是最不安全的现代化,复杂的网站。用于漏洞学习目的,包含多种热门安全漏洞。
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
A curated list of resources for learning about application security
A list of web application security
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀
Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management
DevSecOps, ASPM, Vulnerability Management. All on one platform.
bluemonday: a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
CISO Assistant is a one-stop-shop for GRC, covering Risk, AppSec, Compliance/Audit Management, Privacy and supporting +90 frameworks worldwide with auto-mapping: NIST CSF, ISO 27001, SOC2, CIS, PCI DS...
Awesome Node.js Security resources
#Awesome#😎 🔗 Awesome list about all kinds of resources for learning Ethical Hacking and Penetration Testing.
OWASP Coraza WAF is a golang modsecurity compatible web application firewall library
Automated Security Testing For REST API's