The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
翻译 - Web 安全测试指南是一个全面的开源指南,用于测试 Web 应用程序和 Web 服务的安全性。
Dongtai IAST is an open-source Interactive Application Security Testing (IAST) tool that enables real-time detection of common vulnerabilities in Java applications and third-party components through p...
翻译 - 东泰是一款交互式应用安全测试(IAST)产品,支持检测OWASP WEB TOP 10漏洞、多请求相关漏洞(包括逻辑漏洞、未授权访问漏洞等)、第三方组件漏洞等。
vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.
翻译 - vAPI 是易受攻击的不利编程接口,它是一种自我托管的 API,它以练习的方式模仿 OWASP API 前 10 名场景。
Java Agent is a Java application probe of DongTai IAST, which collects method invocation data during runtime of Java application by dynamic hooks.
Application with SQL Injection vulnerability and possible privilege escalation. Free vulnerable app for ethical hacking / penetration testing training.