Pinned Repositories
aes-cbc-security-research
Tampering and padding oracle attacks demonstration for AES CBC encryption
aws-threat-modeling-tool-template
capicom-wrapper
Java wrapper for Microsoft capicom library (CSP)
devsecops-lab
Demo files
nginx-baseline
Nginx Security Baseline Assessment - InSpec Profile - CIS Benchmark verification
php-web-security
PHP web security solutions and examples
postgres-baseline
PostgreSQL Security Baseline Assessment - InSpec Profile - CIS Benchmark controls, secure defaults and HashiCorp Vault integration
threat-modeling
Threat models hub
TicTaaC
Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. Sugar-Free and Secure: no any external dependencies except for chart plotting are used
zap-extensions
OWASP ZAP Add-ons
Easy Application Security's Repositories
EasyAppSecurity/aws-threat-modeling-tool-template
EasyAppSecurity/postgres-baseline
PostgreSQL Security Baseline Assessment - InSpec Profile - CIS Benchmark controls, secure defaults and HashiCorp Vault integration
EasyAppSecurity/capicom-wrapper
Java wrapper for Microsoft capicom library (CSP)
EasyAppSecurity/nginx-baseline
Nginx Security Baseline Assessment - InSpec Profile - CIS Benchmark verification
EasyAppSecurity/devsecops-lab
Demo files
EasyAppSecurity/php-web-security
PHP web security solutions and examples
EasyAppSecurity/threat-modeling
Threat models hub
EasyAppSecurity/aes-cbc-security-research
Tampering and padding oracle attacks demonstration for AES CBC encryption
EasyAppSecurity/docker-registry-security-assessment
InSpec Profile for Private Docker Registry Security Assessment
EasyAppSecurity/hashicorp-vault-use-cases
Use cases and examples of Hashicorp Vault
EasyAppSecurity/java-web-security
Java web defence research platform
EasyAppSecurity/spring-boot-inspec
Spring Boot Security Baseline Assessment InSpec Profile
EasyAppSecurity/TicTaaC
Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. Sugar-Free and Secure: no any external dependencies except for chart plotting are used
EasyAppSecurity/zap-extensions
OWASP ZAP Add-ons
EasyAppSecurity/b-blockchain
Blockchain based on STB algorithms
EasyAppSecurity/capicom-wrapper-examples
Examples of usage capicom-wrapper project
EasyAppSecurity/ecb-encryption-research
Simple demonstration of ECB encryption problem
EasyAppSecurity/gnuk-portable-pcb
Portable GNUK token design
EasyAppSecurity/inspec-vault
Chef InSpec profile for HashiCorp Vault
EasyAppSecurity/jks-converter
SSL private key to java keystore converter script
EasyAppSecurity/secure-account-recovery
Secure account recovery demonstration with timing attack protection and email signing and encryption
EasyAppSecurity/SodiumJCE
Java Cryptography Extension for libsodium