Build software better, together

vitalysim / Awesome-Hacking-Resources

A collection of hacking / penetration testing resources to make you better!

ctf hacking privilege-escalation reverse-engineering buffer-overflow penetration-testing owasp exploit malware windows-privilege-escalation privilege-escalation-linux mitm

Updated Mar 18, 2019

paragonie / awesome-appsec

3.6k

A curated list of resources for learning about application security

security-experts reading-list curated application-security security owasp

PHP Updated Feb 25, 2019 1 issue needs help

OWASP / CheatSheetSeries

1.8k

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific applic…

owasp code security cheatsheets best-practices appsec

Python Updated Mar 21, 2019

bkimminich / juice-shop

1.8k

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

owasp javascript vulnerable hacking application-security owasp-top-10 owasp-top-ten pentesting vulnapp appsec ctf

JavaScript Updated Mar 22, 2019 8 issues need help

caffix / amass

1.4k

In-depth DNS Enumeration and Network Mapping

go dns subdomain enumeration recon maltego owasp

Go Updated Mar 10, 2019

microcosm-cc / bluemonday

1.1k

bluemonday: a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content …

sanitization html security xss go owasp whitelist

Go Updated Mar 14, 2019

owtf / owtf

1.1k

Offensive Web Testing Framework (OWTF), is a framework which tries to unite great tools and make pen testing more eff…

security owasp owtf python pentest kali-linux framework web-application-security

Python Updated Mar 5, 2019 8 issues need help

flipkart-incubator / Astra

1.1k

Automated Security Testing For REST API's

security restapiautomation python owasp penetration-testing-framework postman-collection ci-cd sdlc penetration-testing security-automation

Python Updated Feb 28, 2019 1 issue needs help

find-sec-bugs / find-sec-bugs

920

The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Groovy and…

findbugs java security-audit owasp taint-analysis code-analysis security bytecode cwe static-analysis

Java Updated Mar 22, 2019 5 issues need help

OWASP / Amass

873

In-depth DNS Enumeration and Network Mapping

go dns subdomain enumeration recon osint osint-reconnaissance network-security owasp maltego

Go Updated Mar 21, 2019

DefectDojo / django-DefectDojo

717

DefectDojo is an open-source application vulnerability correlation and security orchestration tool.

python vulnerability-databases django security owasp analytics vulnerability-management automation security-automation security-orchestration devsecops vulnerability-correlation helm-charts kubernetes

Python Updated Mar 22, 2019

zdresearch / OWASP-Nettacker

510

Automated Penetration Testing Framework

python penetration-testing penetration-testing-framework owasp automation portscanner vulnerability-scanners information-gathering network-analysis bruteforce

Python Updated Mar 22, 2019 10 issues need help

1N3 / BlackWidow

462

A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.

Python Updated Nov 8, 2018

zdresearch / OWASP-ZSC

440

OWASP ZSC - Shellcode/Obfuscate Code Generator

shellcode python assembly obfuscator owasp linux windows osx

Python Updated Apr 24, 2018

rezasp / joomscan

407

OWASP Joomla Vulnerability Scanner Project

owasp joomla joomla-cms joomscan vunerability scanner vulnerability-scanners exploit 0day

Perl 6 Updated Feb 26, 2019

lirantal / awesome-nodejs-security

394

Awesome Node.js Security resources

nodejs security cybersecurity web-security owasp vulnerabilities pentest infosec

Updated Mar 9, 2019

stanislav-web / OpenDoor

312

OWASP WEB Directory Scanner

dirscanner scanner owasp dir-scanner dir-search directories-scanner bruteforce pentest blackarch proxies dirsearch

Python Updated Jan 23, 2019

DependencyTrack / dependency-track

281

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk …

Java Updated Mar 20, 2019 5 issues need help

rezasp / vbscan

264

OWASP VBScan is a Black Box vBulletin Vulnerability Scanner

owasp vbscan vbulletin vulnerability vulnerability-scanners exploit

Perl Updated Sep 17, 2018

OWASP / glue

262

Application Security Automation

ci-cd devsecops tool owasp

Ruby Updated Mar 13, 2019 4 issues need help

appsecco / dvna

240

Damn Vulnerable NodeJS Application

nodejs dvna vulnerable-apps vulnerable security owasp-top-10 owasp hack testing

CSS Updated Jan 8, 2019

interference-security / DVWS

236

OWSAP Damn Vulnerable Web Sockets (DVWS) is a vulnerable web application which works on web sockets for client-server…

websockets vulnerabilities php mysql ratchet owasp

PHP Updated Jun 13, 2018

0xRadi / OWASP-Web-Checklist

235

OWASP Web Application Security Testing Checklist

owasp

Updated Mar 14, 2019

security-code-scan / security-code-scan

210

Vulnerability Patterns Detector for C# and VB.NET

security static code analysis roslyn dotnet scan scanner analyzer owasp static-analysis static-code-analysis

C# Updated Feb 15, 2019

cr0hn / nosqlinjection_wordlists

197

This repository contains payload to test NoSQL Injections

wordlist payload nosql-injections mongodb injection owasp

Updated Jun 22, 2017

stevespringett / dependency-check-sonar-plugin

170

Integrates Dependency-Check reports into SonarQube

owasp sonar-plugin nvd vulnerabilities component-analysis security visibility appsec sonarqube vulnerable-components software-security

Java Updated Mar 15, 2019 2 issues need help

husnainfareed / Awesome-Ethical-Hacking-Resources

165

🔗 All the resources I could find for learning Ethical Hacking and Penetration Testing.

penetration-testing hacking learning-hacking web-hacking exploitation youtube-channel hackers owasp vulnerable-applications resources

Updated Mar 8, 2019

mebjas / CSRF-Protector-PHP

128

CSRF Protector library: standalone library for CSRF mitigation

csrf-protector php standalone-library security csrf owasp

PHP Updated Mar 9, 2019 1 issue needs help

bkimminich / juice-shop-ctf

124

Capture-the-Flag (CTF) environment setup tools for OWASP Juice Shop

owasp ctf ctfd application-security capture-the-flag pentesting hacking owasp-juice-shop ctfd-database ctfd-setup

JavaScript Updated Mar 20, 2019

albuch / sbt-dependency-check

122

SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabil…

sbt sbt-plugin owasp-dependencycheck cve scala vulnerabilities nvd appsec software-security security owasp static-analysis vulnerability-scanners

Scala Updated Feb 18, 2019

Please note that GitHub no longer supports Internet Explorer.

owasp

Repositories 207

vitalysim / Awesome-Hacking-Resources

paragonie / awesome-appsec

OWASP / CheatSheetSeries

bkimminich / juice-shop

caffix / amass

microcosm-cc / bluemonday

owtf / owtf

flipkart-incubator / Astra

find-sec-bugs / find-sec-bugs

OWASP / Amass

DefectDojo / django-DefectDojo

zdresearch / OWASP-Nettacker

1N3 / BlackWidow

zdresearch / OWASP-ZSC

rezasp / joomscan

lirantal / awesome-nodejs-security

stanislav-web / OpenDoor

DependencyTrack / dependency-track

rezasp / vbscan

OWASP / glue

appsecco / dvna

interference-security / DVWS

0xRadi / OWASP-Web-Checklist

security-code-scan / security-code-scan

cr0hn / nosqlinjection_wordlists

stevespringett / dependency-check-sonar-plugin

husnainfareed / Awesome-Ethical-Hacking-Resources

mebjas / CSRF-Protector-PHP

bkimminich / juice-shop-ctf

albuch / sbt-dependency-check