appsec · GitHub Topics

OWASP / CheatSheetSeries

OWASP组织创建的安全速查表，目标是帮助阅读者构建更加安全的应用程序

owasp Code 安全 cheatsheets best-practices appsec application-security

Python 29.06 k

1 天前

chaitin / SafeLine

#安全#SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.

Go 15.79 k

13 天前

zaproxy / zaproxy

OWASP Zed Attack Proxy（ZAP）是世界上最受欢迎的免费安全工具之一。ZAP可以帮助我们在开发和测试应用程序过程中，自动发现 Web应用程序中的安全漏洞。另外，它也是一款提供给具备丰富经验的渗透测试人员进行人工安全测试的优秀工具。

zap zap-development dast appsec zaproxy 安全 security-scanner Hacktoberfest

Java 13.28 k

2 天前

maurosoria / dirsearch

Web path scanner

翻译 - 网络路径扫描仪

fuzzer Fuzzing/Fuzz testing Python 安全 dirsearch Hacking pentesting penetration-testing Bug Bounty appsec wordlist hacking-tool Cybersecurity brute scanner enumeration pentest-tool red-teaming redteam

Python 12.65 k

21 天前

juice-shop / juice-shop

#夺旗赛 (CTF) 和网络安全资源#OWASP Juice Shop：可能是最不安全的现代化，复杂的网站。用于漏洞学习目的，包含多种热门安全漏洞。

owasp JavaScript vulnerable Hacking application-security owasp-top-10 owasp-top-ten pentesting vulnapp appsec ctf Hacktoberfest 24pullrequests 安全

TypeScript 10.93 k

2 天前

OWASP / wstg

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

翻译 - Web 安全测试指南是一个全面的开源指南，用于测试 Web 应用程序和 Web 服务的安全性。

best-practices guide owasp Bug Bounty penetration-testing pentesting application-security 安全 Hacktoberfest appsec Hacking

Dockerfile 7.74 k

16 天前

infoslack / awesome-web-hacking

A list of web application security

penetration-testing web-hacking vulnerabilities scanner Hacking hacking-tools metasploit web-security appsec owasp pentesting 安全 vulnerability

6.08 k

3 个月前

urbanadventurer / WhatWeb

Next generation web scanner

翻译 - 下一代网络扫描仪

安全 Web scanner Ruby penetration-testing kali-linux owasp penetration-testing-tools penetration-test Hacking hacking-tools network-security Reconnaissance appsec application-security pentesting pentesting-tools pentest web-hacking

Ruby 5.76 k

8 个月前

infobyte / faraday

Open Source Vulnerability Management Platform

翻译 - 协同渗透测试和漏洞管理平台

DevOps penetration-testing vulnerability vulnerability-scanners 安全 pentesting continuous-scanning Cybersecurity vulnerability-management collaboration burpsuite nessus nmap devsecops security-automation orchestration Common Vulnerabilities and Exposures (CVE)appsec

Python 5.24 k

1 个月前

OWASP / Go-SCP

Golang Secure Coding Practices guide

翻译 - Go编程语言安全编码实践指南

appsec Go

Go 4.94 k

9 个月前

microsoft / Security-101

8 Lessons, Kick-start Your Cybersecurity Learning.

appsec cia-triad data-protection data-security iam identity risk-management secops 安全 threat-modeling zero-trust

HTML 4.88 k

1 个月前

andresriancho / w3af

#安全#w3af: web application attack and audit framework, the open source web vulnerability scanner.

翻译 - w3af：Web应用程序攻击和审核框架，开源Web漏洞扫描程序。

scanner 安全 appsec cross-site-scripting sql-injection

Python 4.68 k

2 年前

jassics / security-study-plan

网络安全工程师学习计划

aws-security study-guide study-plan appsec appsec-tutorials azure-security devsecops-university gcp-security pentesting application-security Cybersecurity security-testing api-security

4.54 k

1 个月前

DefectDojo / django-DefectDojo

DevSecOps, ASPM, Vulnerability Management. All on one platform.

翻译 - DefectDojo是一个开源应用程序漏洞关联和安全协调工具。

Python vulnerability-databases Django 安全 owasp analytics vulnerability-management 自动化 security-automation security-orchestration devsecops vulnerability-correlation Kubernetes Hacktoberfest appsec

HTML 3.92 k

2 小时前

foospidy / payloads

Git All the Payloads! A collection of web attack payloads.

payload payloads xss sqli web-attack-payloads passwords pentest Hacking appsec Cybersecurity

Shell 3.69 k

2 年前

projectdiscovery / interactsh

An OOB interaction gathering server and client library

翻译 - OOB交互收集服务器和客户端库

appsec oast dns 安全 HTTP smtp ldap oob Bug Bounty Go

Go 3.63 k

3 天前

openziti / ziti

The parent project for OpenZiti. Here you will find the executables for a fully zero trust, application embedded, programmable network @OpenZiti

Network vpn-2 appsec zero-trust zero-trust-cloud zero-trust-network zero-trust-network-access zero-trust-security ztaa overlay overlay-network netsec Virtual Private Network zerotrust mesh Go

Go 3.14 k

5 天前

DependencyTrack / dependency-track

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Java 2.92 k

2 天前

Checkmarx / kics

Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.

Infrastructure as code 安全 appsec cloudnative Hacktoberfest devsecops Go vulnerability-detection vulnerability-scanners Open Policy Agent

Open Policy Agent 2.24 k

1 天前

Bearer / bearer

Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.

appsec compliance devsecops devsecops-tools 安全 dataflow gdpr 隐私 sast Static code analysis vulnerability security-scanner vulnerabilities Code quality static-analysis security-automation owasp

Go 2.21 k

2 天前