owasp-top-10 · GitHub Topics

#夺旗赛 (CTF) 和网络安全资源#OWASP Juice Shop：可能是最不安全的现代化，复杂的网站。用于漏洞学习目的，包含多种热门安全漏洞。

owasp JavaScript vulnerable Hacking application-security owasp-top-10 owasp-top-ten pentesting vulnapp appsec ctf Hacktoberfest 24pullrequests 安全

TypeScript 11.34 k

2 天前

payloadbox / sql-injection-payload-list

#安全#🎯 SQL Injection Payload List

sql-injection attacker owasp-top-10 payloads payload websecurity Bug Bounty security-research Hacking injection-attacks injection

5.55 k

1 年前

xalgord / Massive-Web-Application-Penetration-Testing-Bug-Bounty-Notes

A comprehensive guide for web application penetration testing and bug bounty hunting, covering methodologies, tools, and resources for identifying and exploiting vulnerabilities.

Bug Bounty Hackathon-Kit Hacking owasp owasp-top-10 bugbountytips collection ethical-hacking

1.59 k

9 个月前

webpwnized / mutillidae

内容违规，已屏蔽

PHP 1.37 k

4 个月前

akto-api-security / akto

Proactive, Open source API security → API discovery, API Security Posture, Testing in CI/CD, Test Library with 1000+ Tests, Add custom tests, Sensitive data exposure

api-security api-discovery api-security-testing api-testing Authentication Authorization devsecops idor owasp-top-10 安全 security-testing sensitive-data-exposure threat-detection Hacktoberfest hacktoberfest2023 devsecops-pipeline

Java 1.32 k

4 天前

roottusk / vapi

vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.

owasp API apitop10 owasp-top-10 owasp-top-ten vulnerable-application appsec appsec-tutorials Bug Bounty Hacktoberfest Docker Cross-origin resource sharing (CORS)PHP Postman hacktoberfest-accepted exercises

HTML 1.26 k

5 个月前

Zeyad-Azima / Offensive-Resources

#学习与技能提升#A Huge Learning Resources with Labs For Offensive Security Players

API infrastructure learning 安全移动 Web hack Hacking owasp Cybersecurity web-security mobile-security offensive offensive-security red-team owasp-top-10 redteam cloud-security api-security red-teaming

967

3 年前

globocom / secDevLabs

A laboratory for learning secure web and mobile development in a practical manner.

owasp-top-10 labs Development training 安全 vulnerability Hacktoberfest hacktoberfest2022

PHP 937

9 个月前

appsecco / dvna

Damn Vulnerable NodeJS Application

Node.js dvna vulnerable-apps vulnerable 安全 owasp-top-10 owasp hack Testing

SCSS 735

1 年前

bmarsh9 / gapps

Security compliance platform - SOC2, CMMC, ASVS, ISO27001, HIPAA, NIST CSF, NIST 800-53, CSC CIS 18, PCI DSS, SSF tracking

compliance 安全 soc2 grc cmmc 27002 iso27001 nist hipaa nist-csf nist800-53 owasp owasp-top-10 csc pci pci-dss

HTML 559

12 天前

OWASP / iGoat-Swift

OWASP iGoat (Swift) - A Damn Vulnerable Swift Application for iOS

ios-security runtime-security ipa owasp-top-10 iOS

C 433

1 年前

ossamayasserr / WebAppPentestRoadmap

#新手入门#Roadmap for Web Application Penetration Testing | FREE Resources (Not Pirated)

burpsuite Cybersecurity owasp-top-10 penetration-testing pentest 路线图安全 web-security tryhackme portswigger

Python 310

2 年前

ghostery / local-sheriff

Think of Local sheriff as a recon tool in your browser (WebExtension). While you normally browse the internet, Local Sheriff works in the background to empower you in identifying what data points (PII...

privacy-tools web-extension owasp-top-10 data-leakage sensitive-data-exposure

JavaScript 308

3 年前

globaldatanet / aws-firewall-factory

Enhance the security of your web applications effortlessly with AWS Firewall Factory. Safeguard your valuable assets through seamless WAF deployment, updates, and staging, all centrally managed with A...

Amazon Web Services firewall governance waf TypeScript cdk amazon-web-services devsecops owasp 安全 Hacktoberfest owasp-top-10

TypeScript 249

1 个月前

ivan-sincek / forbidden

Bypass 4xx HTTP response status codes and more. The tool is based on Python Requests, PycURL, and HTTP Client.

ethical-hacking offensive-security penetration-testing 安全 Web web-penetration-testing Bug Bounty 403 brute-force bypass cURL owasp-top-10 Python red-team-engagement Fuzzing/Fuzz testing pycurl python-requests

Python 244

3 个月前

akto-api-security / 30-API-security-tests

🚀 Join us for 30days of daily API security tests. #30days30tests We've spent last 120days building amazing API security tests for the community. Next 30 days we will post test tutorials here.

owasp-top-10 安全 Testing

212

2 年前

OWASP / ASST

OWASP ASST (Automated Software Security Toolkit) | A Novel Open Source Web Security Scanner.

web-vulnerability-scanners Cybersecurity owasp-top-10 owasp vulnerability-scanners vulnerability-detection vulnerability-scanner vulnerability-assessment 安全 security-hardening security-testing

JavaScript 170

5 个月前

moeinfatehi / Backup-Finder

A burp suite extension that reviews backup, old, temporary and unreferenced files on web server for sensitive information (OWASP WSTG-CONF-04, OTG-CONFIG-004)

application-security appsecurity burp burp-extensions burpsuite burpsuite-extender owasp penetration-testing pentesting portswigger data-leakage owasp-top-10 sensitive-data-exposure owasp-top-ten

Java 162

1 年前