GovTech-CSG
CSG's mandate is to protect the Singapore Government's ICT systems. The code we share here can help keep you safer too.
GovTech Singapore, 10 Mapletree Business City, Singapore
Pinned Repositories
Autowasp
BurpSuite Extension: A one-stop pen testing checklist and logger tool
Biometric-Authentication-Android-App
This project aims to educate developers on implementing secure local biometric authentication on Android devices
govtech-csg-xcg-dangerousfunctions
This package contains a Django application that nullifies the effects of unsafe Python or Django functions (e.g. os.system), and logs all invocations of dangerous functions by default.
govtech-csg-xcg-dangerousrequests
Package containing a Django app that protects your application against dangerous requests (SSRF).
govtech-csg-xcg-modelpermissions
Provides functionality to enforce permissions checks on users when they attempt to perform actions on a Django `Model` object (e.g. if a request accesses a view that tries to read a set of objects from the database).
govtech-csg-xcg-securefileupload
Django middleware to validate user file uploads, detect specially crafted media files with malicious intent and block them.
PaddingOracleHunter
ProxyAgent
stack-the-flags-2020
wstg
The Web Security Testing Guide is a comprehensive open source guide to testing the security of web applications and web services.
GovTech-CSG's Repositories
GovTech-CSG/Autowasp
BurpSuite Extension: A one-stop pen testing checklist and logger tool
GovTech-CSG/ProxyAgent
GovTech-CSG/PaddingOracleHunter
GovTech-CSG/wstg
The Web Security Testing Guide is a comprehensive open source guide to testing the security of web applications and web services.
GovTech-CSG/Biometric-Authentication-Android-App
This project aims to educate developers on implementing secure local biometric authentication on Android devices
GovTech-CSG/stack-the-flags-2020
GovTech-CSG/govtech-csg-xcg-securefileupload
Django middleware to validate user file uploads, detect specially crafted media files with malicious intent and block them.
GovTech-CSG/govtech-csg-xcg-dangerousfunctions
This package contains a Django application that nullifies the effects of unsafe Python or Django functions (e.g. os.system), and logs all invocations of dangerous functions by default.
GovTech-CSG/govtech-csg-xcg-dangerousrequests
Package containing a Django app that protects your application against dangerous requests (SSRF).
GovTech-CSG/govtech-csg-xcg-modelpermissions
Provides functionality to enforce permissions checks on users when they attempt to perform actions on a Django `Model` object (e.g. if a request accesses a view that tries to read a set of objects from the database).
GovTech-CSG/govtech-csg-xcg-secretsmanager
Package that provides integration between Django and AWS Secrets Manager for the management of DB credentials (MySQL and PostgreSQL) and Django secret key.
GovTech-CSG/govtech-csg-xcg-securemodelpkid
Package that generates random primary keys for Django model objects to help prevent IDOR vulnerabilities.
GovTech-CSG/govtech-csg-xcg-viewpermissions
Package that modifies Django's default behaviour such that all views are "private" by default (i.e. inaccessible to all, whether authenticated or not). Acts as an extra layer of defense against coding mistakes or misconfigurations.
GovTech-CSG/security-advisories
GovTech-CSG/tsunami-security-scanner-plugins
This project aims to provide a central repository for many useful Tsunami Security Scanner plugins.
GovTech-CSG/www-project-web-security-testing-guide
The Web Security Testing Guide (WSTG) Project produces the premier cybersecurity testing resource for web application developers and security professionals.