52 Open Source Application Security Software Projects
Free and open source application security code projects including engines, APIs, generators, and tools.
Cheatsheetseries 13836 ⭐
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
Juice Shop 3847 ⭐
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Wstg 1661 ⭐
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
Xvwa 1472 ⭐
XVWA is a badly coded web application written in PHP/MySQL that helps security enthusiasts to learn application security.
Androl4b 874 ⭐
A Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis
Janusec 711 ⭐
Janusec Application Gateway, Provides Fast and Secure Application Delivery. JANUSEC应用网关，提供快速、安全的应用交付。
Breaking And Pwning Apps And Servers Aws Azure Training 709 ⭐
Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!
Jackhammer 618 ⭐
Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.
Paragonie Airship 423 ⭐
Secure Content Management for the Modern Web - "The sky is only the beginning"
Grab N Run 415 ⭐
Grab’n Run, a simple and effective Java Library for Android projects to secure dynamic code loading.
Autorize 356 ⭐
Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests
Flipkart Incubator Watchdog 324 ⭐
Watchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.
Zxhookdetection 208 ⭐
Application Security Engineer Interview Questions 221 ⭐
Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer
Evabs 159 ⭐
An open source Android application that is intentionally vulnerable so as to act as a learning platform for Android application security beginners.
Threatplaybook 151 ⭐
A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestration
Securityrat 109 ⭐
OWASP SecurityRAT (version 1.x) - Tool for handling security requirements in development
Mssqli Duet 77 ⭐
SQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing
Using Docker Kubernetes For Automating Appsec And Osint Workflows 69 ⭐
Repository for all the workshop content delivered at nullcon X on 1st of March 2019
Infosec Interview Questions 55 ⭐
🗒️ A [work-in-progress] collection for interview questions for Information Security roles
Jwtweak 47 ⭐
Detects the algorithm of input JWT Token and provide options to generate the new JWT token based on the user selected algorithm.
Softrams Bulwark 58 ⭐
An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
Sqlinjection Training App 31 ⭐
A simple PHP application to learn SQL Injection detection and exploitation techniques.
Bucket Flaws 27 ⭐
Bucket Flaws ( S3 Bucket Mass Scanner ): A Simple Lightweight Script to Check for Common S3 Bucket Misconfigurations
Zap Mini Workshop 26 ⭐
Interactive IPython Notebook to demonstrate OWASP ZAP's API and Scripting Functions - OWASP ZAP 2.8.0
Oss2020 25 ⭐
The Open Security Summit 2020 is focused on the collaboration between, Developers and Application Security
Ssc RestAPI Client 10 ⭐
Communicate with Fortify Software Security Center through REST API in java, a swagger generated client
Awesome Nginx Security 378 ⭐
🔥 A curated list of awesome links related to application security related to the environments with NGINX or Kubernetes Ingres Controller (based on NGINX)
Web Methodology 117 ⭐
Methodology for high-quality web application security testing - https://github.com/tprynn/web-methodology/wiki
Resources For Application Security 54 ⭐
Some good resources for getting started with application security
Vs4vijay Multiscanner 10 ⭐
Security Tool which scans a target using OpenVAS, Zap, and Nexpose. And consolidates the scan result.