vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.
翻译 - vAPI 是易受攻击的不利编程接口,它是一种自我托管的 API,它以练习的方式模仿 OWASP API 前 10 名场景。
Java Agent is a Java application probe of DongTai IAST, which collects method invocation data during runtime of Java application by dynamic hooks.
#安卓#Vulnerable code snippets with fixes for Web2, Web3, API, iOS, Android and Infrastructure-as-Code (IaC)
Some good resources for getting started with application security
Application with SQL Injection vulnerability and possible privilege escalation. Free vulnerable app for ethical hacking / penetration testing training.
Interactive IPython Notebook to demonstrate OWASP ZAP's API and Scripting Functions - OWASP ZAP 2.8.0
Additional Resources For Securing The Stack Tutorials
Dongtai-plugin-idea is an IDEA plug-in developed by DongTai team for Java Web application developers. This plug-in provides functions such as vulnerability detection and code audit during application ...
Contrast Security Instrumentation for Dockerized Webgoat, with lab instructions.
This repository has been merged into https://github.com/HXSecurity/DongTai. DongTai-engine used to analyze the method data collected by the probe, analyze whether there are vulnerabilities in API req...
#学习与技能提升#AppsecStudy - open-source elearning management system for information security
A playful introduction to web application vulnerabilities in the OWASP Top 10 while relying only on developer tools offered by modern web browsers.
#安全#The Good Parts of Application Security: learn how to build and test secure webapps
