Stars
Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources
Your gateway to OWASP. Discover, engage, and help shape the future!
Vulnerability scanner written in Go which uses the data provided by https://osv.dev
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Frida-powered hook runner based on JSON hook files.
OWASP Foundation Web Respository
Keep passwords and other sensitive information out of your inboxes and chat logs.
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static aβ¦
Ghidra is a software reverse engineering (SRE) framework
CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool
The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the OWAβ¦
OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
Conference data for www.confs.tech
An encyclopedia for offensive and defensive security knowledge in cloud native technologies.
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
Run Capture the Flags and Security Trainings with OWASP WrongSecrets
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
Vulnerable app with examples showing how to not use secrets
Invictus Threat Intelligence: IOCs and TTPs from blogs, research and more
A curated list for Awesome Kubernetes Security resources
π³ A simple docker image for pandoc with filters, templates, fonts, and the latex bazaar
Automatic SQL injection and database takeover tool
Mythril is a symbolic-execution-based securty analysis tool for EVM bytecode. It detects security vulnerabilities in smart contracts built for Ethereum and other EVM-compatible blockchains.
An open source, git-ops, zero-trust secret encryption and decryption solution for Kubernetes applications
π± objection - runtime mobile exploration