Stars
Proactive, Open source API security → API discovery, Testing in CI/CD, Test Library with 150+ Tests, Add custom tests, Sensitive data exposure
IWA (Insecure Web App) Pharmacy Direct - an insecure web application for use in DevSecOps scenarios.
tlopesPT / ibm-security-appscanstandard-scanner-plugin
Forked from jenkinsci/ibm-security-appscanstandard-scanner-plugin
IBM's AppScan Standard Plugin for Jenkins
Scan systems and docker images for potential spring4shell vulnerabilities. Will detect in-depth (layered archives jar/zip/tar/war) and scans for vulnerable Spring4shell versions. Binaries for Window…
lunasec-io / Spring4Shell-POC
Forked from reznok/Spring4Shell-POC
This is a dockerized application that is vulnerable to the Spring4Shell vulnerability (CVE-2022-22965).
Dockerized Spring4Shell (CVE-2022-22965) PoC application and exploit
OXO is a security scanning orchestrator for the modern age.
A malicious LDAP server for JNDI injection attacks
The Open Security Summit is focused on the collaboration between Developers and Application Security
RCE exploit for a .NET JSON deserialization vulnerability in Telerik UI for ASP.NET AJAX.
Distributed crawler powered by Headless Chrome
Java web and command line applications demonstrating various security topics
This repository includes a set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard certificate. The objective is to simplify as much as possible t…
GitHub Satellite 2020 workshops on finding security vulnerabilities with CodeQL for Java/JavaScript.
Burp Bounty (Scan Check Builder in BApp Store) is an extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules thro…
Repo for all the OWASP-SKF Docker lab examples
Java web common vulnerabilities and security code which is based on springboot and spring security
List of Awesome Asset Discovery Resources
This repository will serve as the "master" repo containing all trainings and tutorials done in preparation for OSWE in conjunction with the AWAE course. This repo will likely contain custom code by…