application-security

There are 253 repositories under application-security topic.

  • OWASP/CheatSheetSeries

    The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

    Language:Python27k5734333.8k
  • SafeLine

    chaitin/SafeLine

    A web security gateway, serve as a reverse proxy to protect your websites from attacks and exploits.

    Language:TypeScript10.7k60755634
  • juice-shop

    juice-shop/juice-shop

    OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

    Language:TypeScript9.8k1608059.7k
  • wstg

    OWASP/wstg

    The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

    Language:Dockerfile6.9k3233411.3k
  • paragonie/awesome-appsec

    A curated list of resources for learning about application security

    Language:PHP6.2k31335728
  • urbanadventurer/WhatWeb

    Next generation web scanner

    Language:Ruby5.2k175215885
  • jassics/security-study-plan

    Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...

  • payloadbox/command-injection-payload-list

    🎯 Command Injection Payload List

  • ComplianceAsCode/content

    Security automation content in SCAP, Bash, Ansible, and other formats

    Language:Shell2.1k1242.9k673
  • s4n7h0/xvwa

    XVWA is a badly coded web application written in PHP/MySQL that helps security enthusiasts to learn application security.

    Language:PHP1.7k8121340
  • metlo-labs/metlo

    Metlo is an open-source API security platform.

    Language:TypeScript1.6k163189
  • learn365

    harsh-bothra/learn365

    This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.

  • awesome-devsecops

    TaptuIT/awesome-devsecops

    Curating the best DevSecOps resources and tooling.

  • Janusec/janusec

    JANUSEC Application Gateway provides secure access, including reverse proxy, K8S Ingress Controller, Automatic ACME Certificate, WAF, 5-Second Shield, CC Defense, OAuth2 Authentication, Global Server Load Balance, and Cookie Compliance etc. JANUSEC应用网关,提供安全的接入,包括反向代理、K8S Ingress Controller、自动化ACME证书、WAF、5秒盾、CC防御、OAuth2身份认证、GSLB负载均衡与Cookie合规等。

    Language:Go1.1k4147264
  • sh4hin/Androl4b

    A Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis

  • guardrailsio/awesome-php-security

    Awesome PHP Security Resources 🕶🐘🔐

  • bloodzer0/ossa

    Open-Source Security Architecture | 开源安全架构

  • breaking-and-pwning-apps-and-servers-aws-azure-training

    appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training

    Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!

    Language:CSS9175026255
  • Quitten/Autorize

    Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests

    Language:Python8952578191
  • PhonePe/mantis

    Mantis is a security framework that automates the workflow of discovery, reconnaissance, and vulnerability scanning.

    Language:Python737261684
  • openappsec/openappsec

    open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo include the main code and logic.

    Language:C++7281810250
  • olacabs/jackhammer

    Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.

    Language:Java7186194161
  • wallarm/awesome-nginx-security

    🔥 A curated list of awesome links related to application security related to the environments with NGINX or Kubernetes Ingres Controller (based on NGINX)

  • Anof-cyber/Application-Security

    Resources for Application Security including Web, API, Android, iOS and Thick Client

  • rewanthtammana/Damn-Vulnerable-Bank

    Damn Vulnerable Bank is designed to be an intentionally vulnerable android application. This provides an interface to assess your android application security hacking skills.

    Language:Java623199170
  • security-prince/Application-Security-Engineer-Interview-Questions

    Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer

  • brcyrr/PracticalCyberSecurityResources

    This repository contains a curated list of resources I suggest on LinkedIn and Twitter.📝🌝

  • Awesome-Android-Reverse-Engineering

    user1342/Awesome-Android-Reverse-Engineering

    A curated list of awesome Android Reverse Engineering training, resources, and tools.

  • MattKeeley/Spoofy

    Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records.

    Language:Python5599456
  • uuWAF

    Safe3/uuWAF

    A industry-leading free, high-performance, AI and semantic technology web application and API security protection product - uuWAF. 一款工业级免费、高性能、高扩展,支持AI和语义引擎的Web应用和API安全防护产品-南墙。Web应用防火墙、WAF、WAAP

    Language:C55575650
  • payloadbox/rfi-lfi-payload-list

    🎯 RFI/LFI Payload List

  • Cy-clon3/awesome-ios-security

    A curated list of awesome iOS application security resources.

  • enkomio/Taipan

    Web application vulnerability scanner

  • SmileZXLee/ZXHookDetection

    【iOS应用安全、安全攻防】hook及越狱的基本防护与检测(动态库注入检测、hook检测与防护、越狱检测、签名校验、IDA反编译分析加密协议Demo);【数据传输安全】浅谈http、https与数据加密

    Language:Objective-C426131111
  • paragonie/airship

    Secure Content Management for the Modern Web - "The sky is only the beginning"

    Language:PHP4192515041
  • lukeFalsina/Grab-n-Run

    Grab’n Run, a simple and effective Java Library for Android projects to secure dynamic code loading.

    Language:Java41533556