application-security
There are 253 repositories under application-security topic.
OWASP/CheatSheetSeries
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
chaitin/SafeLine
A web security gateway, serve as a reverse proxy to protect your websites from attacks and exploits.
juice-shop/juice-shop
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
OWASP/wstg
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
paragonie/awesome-appsec
A curated list of resources for learning about application security
urbanadventurer/WhatWeb
Next generation web scanner
jassics/security-study-plan
Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...
payloadbox/command-injection-payload-list
🎯 Command Injection Payload List
ComplianceAsCode/content
Security automation content in SCAP, Bash, Ansible, and other formats
s4n7h0/xvwa
XVWA is a badly coded web application written in PHP/MySQL that helps security enthusiasts to learn application security.
metlo-labs/metlo
Metlo is an open-source API security platform.
harsh-bothra/learn365
This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.
TaptuIT/awesome-devsecops
Curating the best DevSecOps resources and tooling.
Janusec/janusec
JANUSEC Application Gateway provides secure access, including reverse proxy, K8S Ingress Controller, Automatic ACME Certificate, WAF, 5-Second Shield, CC Defense, OAuth2 Authentication, Global Server Load Balance, and Cookie Compliance etc. JANUSEC应用网关,提供安全的接入,包括反向代理、K8S Ingress Controller、自动化ACME证书、WAF、5秒盾、CC防御、OAuth2身份认证、GSLB负载均衡与Cookie合规等。
sh4hin/Androl4b
A Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis
guardrailsio/awesome-php-security
Awesome PHP Security Resources 🕶🐘🔐
bloodzer0/ossa
Open-Source Security Architecture | 开源安全架构
appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training
Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!
Quitten/Autorize
Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests
PhonePe/mantis
Mantis is a security framework that automates the workflow of discovery, reconnaissance, and vulnerability scanning.
openappsec/openappsec
open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo include the main code and logic.
olacabs/jackhammer
Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.
wallarm/awesome-nginx-security
🔥 A curated list of awesome links related to application security related to the environments with NGINX or Kubernetes Ingres Controller (based on NGINX)
Anof-cyber/Application-Security
Resources for Application Security including Web, API, Android, iOS and Thick Client
rewanthtammana/Damn-Vulnerable-Bank
Damn Vulnerable Bank is designed to be an intentionally vulnerable android application. This provides an interface to assess your android application security hacking skills.
security-prince/Application-Security-Engineer-Interview-Questions
Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer
brcyrr/PracticalCyberSecurityResources
This repository contains a curated list of resources I suggest on LinkedIn and Twitter.📝🌝
user1342/Awesome-Android-Reverse-Engineering
A curated list of awesome Android Reverse Engineering training, resources, and tools.
MattKeeley/Spoofy
Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records.
Safe3/uuWAF
A industry-leading free, high-performance, AI and semantic technology web application and API security protection product - uuWAF. 一款工业级免费、高性能、高扩展,支持AI和语义引擎的Web应用和API安全防护产品-南墙。Web应用防火墙、WAF、WAAP
payloadbox/rfi-lfi-payload-list
🎯 RFI/LFI Payload List
Cy-clon3/awesome-ios-security
A curated list of awesome iOS application security resources.
enkomio/Taipan
Web application vulnerability scanner
SmileZXLee/ZXHookDetection
【iOS应用安全、安全攻防】hook及越狱的基本防护与检测(动态库注入检测、hook检测与防护、越狱检测、签名校验、IDA反编译分析加密协议Demo);【数据传输安全】浅谈http、https与数据加密
paragonie/airship
Secure Content Management for the Modern Web - "The sky is only the beginning"
lukeFalsina/Grab-n-Run
Grab’n Run, a simple and effective Java Library for Android projects to secure dynamic code loading.