Pinned Repositories
app1
Generated by the Red Hat Developer Launch (https://developers.redhat.com/launch)
apps
Operate-first application manifests
ASVS
Application Security Verification Standard
BurpBounty
Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.
community-scripts
A collection of ZAP scripts provided by the community - pull requests very welcome!
owasp-asvs-wstg-checklist
OWASP Application Security Checklist for testing (mapping ASVS with WSTG)
rapidast
RapiDAST provides a framework for continuous, proactive and fully automated dynamic scanning against web apps/API.
vapi
A small vulnerable API (DO NOT USE IN PRODUCTION)
wstg
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
vulnerable-container-hub
VULCONHUB provides access to files to build your own hands-on vulnerable container image to learn and practice security
jeremychoi's Repositories
jeremychoi/vapi
A small vulnerable API (DO NOT USE IN PRODUCTION)
jeremychoi/app1
Generated by the Red Hat Developer Launch (https://developers.redhat.com/launch)
jeremychoi/apps
Operate-first application manifests
jeremychoi/ASVS
Application Security Verification Standard
jeremychoi/community-scripts
A collection of ZAP scripts provided by the community - pull requests very welcome!
jeremychoi/cybersecurity-struts2
Struts2 Application Vulnerable to CVE-2017-5638. Explains how the exploit of the vulnerability works in relation to OGNL and the JakartaMultiPart parser.
jeremychoi/rapidast
RapiDAST provides a framework for continuous, proactive and fully automated dynamic scanning against web apps/API.
jeremychoi/wstg
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
jeremychoi/dedupe
:id: A python library for accurate and scalable fuzzy matching, record deduplication and entity-resolution.
jeremychoi/detect-secrets
An enterprise friendly way of detecting and preventing secrets in code.
jeremychoi/devfile-sample-python-basic-vapi
A basic sample application using Python with devfile
jeremychoi/django-DefectDojo
DefectDojo is a DevSecOps and vulnerability management platform.
jeremychoi/get-k8s-openapi-docs
Fetch OpenAPI docs of the Kubernetes APIs from the running cluster
jeremychoi/hello-operator2
Tutorial Kubernetes Operator
jeremychoi/interactsh
An OOB interaction gathering server and client library
jeremychoi/kubernetes-goat
Kubernetes Goat 🐐 is a "Vulnerable by Design" Kubernetes Cluster. Designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security 🔐
jeremychoi/my-notebooks-repo2
jeremychoi/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
jeremychoi/rapidast-tekton
jeremychoi/rapidast-test
jeremychoi/rapitester
jeremychoi/redocly-cli
⚒️ Redocly CLI makes OpenAPI easy. Lint/validate to any standard, generate beautiful docs, and more.
jeremychoi/rhtap-devfile-sample
jeremychoi/speccy
Well Spectually 🤓 Enforce quality rules on your OpenAPI 3.0.x specifications.
jeremychoi/swagger-cli
Swagger 2.0 and OpenAPI 3.0 command-line tool
jeremychoi/test
jeremychoi/Tiredful-API
An intentionally designed broken web application based on REST API.
jeremychoi/vulnerable-container-hub
The OWASP Vulnerable Container Hub(VULCONHUB) provides files to build your own hands-on vulnerable container image to learn and practice security
jeremychoi/zap-extensions
OWASP ZAP Add-ons
jeremychoi/zaproxy
The OWASP ZAP core project