Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
Projects in Awesome Lists tagged with owasp
A curated list of projects in awesome lists tagged with owasp.
https://github.com/owasp/cheatsheetseries
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
application-security appsec best-practices cheatsheets code owasp security
Last synced: 28 Oct 2024
https://github.com/OWASP/CheatSheetSeries
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
application-security appsec best-practices cheatsheets code owasp security
Last synced: 24 Oct 2024
https://github.com/mobsf/mobile-security-framework-mobsf
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
android-security api-testing apk cwe devsecops dynamic-analysis ios-security malware-analysis mastg masvs mobile-security mobsf mstg owasp rest runtime-security static-analysis web-security windows-mobile-security
Last synced: 17 Dec 2024
https://github.com/MobSF/Mobile-Security-Framework-MobSF
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
android-security api-testing apk cwe devsecops dynamic-analysis ios-security malware-analysis mastg masvs mobile-security mobsf mstg owasp rest runtime-security static-analysis web-security windows-mobile-security
Last synced: 27 Oct 2024
https://github.com/owasp-amass/amass
In-depth attack surface mapping and asset discovery
attack-surfaces dns enumeration go golang information-gathering maltego network-security osint osint-reconnaissance owasp recon subdomain
Last synced: 27 Oct 2024
https://github.com/juice-shop/juice-shop
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
24pullrequests application-security appsec ctf hacking hacktoberfest javascript owasp owasp-top-10 owasp-top-ten pentesting security vulnapp vulnerable
Last synced: 16 Dec 2024
https://bkimminich.github.io/juice-shop
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
24pullrequests application-security appsec ctf hacking hacktoberfest javascript owasp owasp-top-10 owasp-top-ten pentesting security vulnapp vulnerable
Last synced: 27 Oct 2024
https://github.com/OWASP/wstg
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
application-security appsec best-practices bugbounty guide hacking hacktoberfest owasp penetration-testing pentesting security
Last synced: 01 Nov 2024
https://github.com/owasp/wstg
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
application-security appsec best-practices bugbounty guide hacking hacktoberfest owasp penetration-testing pentesting security
Last synced: 04 Dec 2024
https://github.com/urbanadventurer/whatweb
Next generation web scanner
application-security appsec hacking hacking-tools kali-linux network-security owasp penetration-test penetration-testing penetration-testing-tools pentest pentesting pentesting-tools recon ruby scanner security security-tools web web-hacking
Last synced: 17 Dec 2024
https://github.com/urbanadventurer/WhatWeb
Next generation web scanner
application-security appsec hacking hacking-tools kali-linux network-security owasp penetration-test penetration-testing penetration-testing-tools pentest pentesting pentesting-tools recon ruby scanner security security-tools web web-hacking
Last synced: 26 Oct 2024
https://github.com/madhuakula/kubernetes-goat
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀
blueteam cloud-native cloud-security cloudsecurity container container-security devsecops docker hacking infrastructure k8s kubernetes kubernetes-goat kubernetes-security owasp pentesting redteam security vulnerable-app
Last synced: 17 Dec 2024
https://github.com/DefectDojo/django-DefectDojo
DevSecOps, ASPM, Vulnerability Management. All on one platform.
analytics appsec automation devsecops django hacktoberfest kubernetes owasp python security security-automation security-orchestration vulnerability-correlation vulnerability-databases vulnerability-management
Last synced: 02 Nov 2024
https://github.com/defectdojo/django-defectdojo
DevSecOps, ASPM, Vulnerability Management. All on one platform.
analytics appsec automation devsecops django hacktoberfest kubernetes owasp python security security-automation security-orchestration vulnerability-correlation vulnerability-databases vulnerability-management
Last synced: 17 Dec 2024
https://github.com/owasp/nettacker
Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management
automation bruteforce cve cves hacking-tools information-gathering network-analysis owasp penetration-testing penetration-testing-framework pentesting pentesting-tools portscanner python scanner security security-tools vulnerability-management vulnerability-scanner vulnerability-scanners
Last synced: 16 Dec 2024
https://github.com/microcosm-cc/bluemonday
bluemonday: a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS
allowlist go golang html owasp sanitization security xss
Last synced: 16 Dec 2024
https://github.com/OWASP/Nettacker
Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management
automation bruteforce cve cves hacking-tools information-gathering network-analysis owasp penetration-testing penetration-testing-framework pentesting pentesting-tools portscanner python scanner security security-tools vulnerability-management vulnerability-scanner vulnerability-scanners
Last synced: 28 Oct 2024
https://github.com/dependencytrack/dependency-track
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
appsec bill-of-materials bom component-analysis cyclonedx devsecops hacktoberfest nvd ossindex owasp package-url purl sbom sca security security-automation software-composition-analysis software-security vulnerabilities vulnerability-detection
Last synced: 18 Dec 2024
https://github.com/DependencyTrack/dependency-track
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
appsec bill-of-materials bom component-analysis cyclonedx devsecops hacktoberfest nvd ossindex owasp package-url purl sbom sca security security-automation software-composition-analysis software-security vulnerabilities vulnerability-detection
Last synced: 01 Nov 2024
https://github.com/flipkart-incubator/astra
Automated Security Testing For REST APIs
ci-cd owasp penetration-testing penetration-testing-framework postman-collection python restapiautomation sdlc security security-automation
Last synced: 18 Dec 2024
https://github.com/flipkart-incubator/Astra
Automated Security Testing For REST APIs
ci-cd owasp penetration-testing penetration-testing-framework postman-collection python restapiautomation sdlc security security-automation
Last synced: 29 Oct 2024
https://github.com/corazawaf/coraza
OWASP Coraza WAF is a golang modsecurity compatible web application firewall library
coraza coraza-waf coreruleset go golang hacktoberfest http modsecurity owasp owasp-crs waf web-application-firewall
Last synced: 16 Dec 2024
https://github.com/find-sec-bugs/find-sec-bugs
The SpotBugs plugin for security audits of Java web applications and Android applications. (Also works with Kotlin, Groovy and Scala projects)
bytecode code-analysis cwe findbugs hacktoberfest java owasp security security-audit static-analysis taint-analysis
Last synced: 30 Oct 2024
https://github.com/phongnguyend/Practical.CleanArchitecture
Full-stack .Net 8 Clean Architecture (Microservices, Modular Monolith, Monolith), Blazor, Angular 18, React 18, Vue 3, BFF with YARP, Domain-Driven Design, CQRS, SOLID, Asp.Net Core Identity Custom Storage, OpenID Connect, Entity Framework Core, OpenTelemetry, SignalR, Hosted Services, Health Checks, Rate Limiting, Cloud Services (Azure, AWS, GCP).
angular aws azure blazor clean-architecture cqrs devops docker domain-driven-design kafka kubernetes microservices oauth2 opentelemetry owasp rabbitmq reactjs signalr vuejs
Last synced: 06 Nov 2024
https://github.com/phongnguyend/practical.cleanarchitecture
Full-stack .Net 8 Clean Architecture (Microservices, Modular Monolith, Monolith), Blazor, Angular 18, React 18, Vue 3, BFF with YARP, Domain-Driven Design, CQRS, SOLID, Asp.Net Core Identity Custom Storage, OpenID Connect, Entity Framework Core, OpenTelemetry, SignalR, Hosted Services, Health Checks, Rate Limiting, Cloud Services (Azure, AWS, GCP).
angular aws azure blazor clean-architecture cqrs devops docker domain-driven-design kafka kubernetes microservices oauth2 opentelemetry owasp rabbitmq reactjs signalr vuejs
Last synced: 18 Dec 2024
https://github.com/owasp/owasp-masvs
The OWASP MASVS (Mobile Application Security Verification Standard) is the industry standard for mobile app security.
android-app audit gitbook ios-app mastg masvs mobile mstg owasp penetration-testing penetration-tests security security-audit security-standards standard verification
Last synced: 19 Dec 2024
https://github.com/OWASP/owasp-masvs
The OWASP MASVS (Mobile Application Security Verification Standard) is the industry standard for mobile app security.
android-app audit gitbook ios-app mastg masvs mobile mstg owasp penetration-testing penetration-tests security security-audit security-standards standard verification
Last synced: 30 Oct 2024
https://github.com/cossacklabs/themis
Easy to use cryptographic framework for data protection: secure messaging with forward secrecy and secure data storage. Has unified APIs across 14 platforms.
asymmetric-cryptography authentication cryptography cryptography-library encryption golang ios java javascript objective-c owasp php python ruby rust secure-messenger secure-storage security swift symmetric-cryptography
Last synced: 17 Dec 2024
https://github.com/owtf/owtf
Offensive Web Testing Framework (OWTF) is a framework which tries to unite great tools and make pen testing more efficient http://owtf.org https://twitter.com/owtfp
framework kali-linux owasp owtf pentest python security web-application-security
Last synced: 29 Oct 2024
https://github.com/bearer/bearer
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
appsec code-quality compliance dataflow devsecops devsecops-tools gdpr owasp privacy sast security security-audit security-automation security-scanner security-tools static-analysis static-code-analysis vulnerabilities vulnerability
Last synced: 24 Oct 2024
https://github.com/Bearer/bearer
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
appsec code-quality compliance dataflow devsecops devsecops-tools gdpr owasp privacy sast security security-audit security-automation security-scanner security-tools static-analysis static-code-analysis vulnerabilities vulnerability
Last synced: 02 Nov 2024
https://github.com/0xRadi/OWASP-Web-Checklist
OWASP Web Application Security Testing Checklist
bugbounty checklist owasp security security-tools security-vulnerability testing
Last synced: 26 Oct 2024
https://github.com/0xradi/owasp-web-checklist
OWASP Web Application Security Testing Checklist
bugbounty checklist owasp security security-tools security-vulnerability testing
Last synced: 03 Nov 2024
https://github.com/wallarm/gotestwaf
An open-source project in Golang to assess different API Security tools and WAF for detection logic and bypasses
api-security bugbounty graphql-security grpc-security owasp rest-security security security-testing security-tools waf web-application-firewall web-application-security
Last synced: 18 Dec 2024
https://github.com/1N3/BlackWidow
A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
active application automated bugbounty csrf fuzzer lfi osint owasp passive python rce rfi scan scanner spider sqli vulnerability web xss
Last synced: 01 Nov 2024
https://github.com/1n3/blackwidow
A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
active application automated bugbounty csrf fuzzer lfi osint owasp passive python rce rfi scan scanner spider sqli vulnerability web xss
Last synced: 21 Dec 2024
https://github.com/xalgord/massive-web-application-penetration-testing-bug-bounty-notes
A comprehensive guide for web application penetration testing and bug bounty hunting, covering methodologies, tools, and resources for identifying and exploiting vulnerabilities.
bug-bounty bugbounty bugbountytips collection ethical-hacking hacking owasp owasp-top-10 resources xalgord
Last synced: 29 Nov 2024
https://github.com/xalgord/Massive-Web-Application-Penetration-Testing-Bug-Bounty-Notes
A comprehensive guide for web application penetration testing and bug bounty hunting, covering methodologies, tools, and resources for identifying and exploiting vulnerabilities.
bug-bounty bugbounty bugbountytips collection ethical-hacking hacking owasp owasp-top-10 resources xalgord
Last synced: 21 Nov 2024
https://github.com/webpwnized/mutillidae
OWASP Mutillidae II is a free, open-source, deliberately vulnerable web application providing a target for web-security training. This is an easy-to-use web hacking environment designed for labs, security enthusiasts, classrooms, CTF, and vulnerability assessment tool targets.
10 application appsec cybersecurity owasp owasp-top-10 penetration-testing security top training web
Last synced: 19 Dec 2024
https://github.com/OWASP/wrongsecrets
Vulnerable app with examples showing how to not use secrets
aws azure ctf devsecops docker gcp hashicorp-vault java keepass kubernetes owasp secrets secrets-management security terraform-aws terraform-azure terraform-gcp vault vulnerable-web-app
Last synced: 02 Nov 2024
https://github.com/owasp/wrongsecrets
Vulnerable app with examples showing how to not use secrets
aws azure ctf devsecops docker gcp hashicorp-vault java keepass kubernetes owasp secrets secrets-management security terraform-aws terraform-azure terraform-gcp vault vulnerable-web-app
Last synced: 19 Dec 2024
https://github.com/roottusk/vapi
vAPI is a Vulnerable Adversely Programmed Interface, a self-hostable API that mimics OWASP API Top 10 scenarios through exercises.
api apitop10 appsec appsec-tutorials bugbounty cors docker exercises hacktoberfest hacktoberfest-accepted owasp owasp-top-10 owasp-top-ten php postman vulnerable-application
Last synced: 21 Dec 2024
https://github.com/owasp/www-community
OWASP Community Pages are a place where OWASP can accept community contributions for security-related content.
appsec community-project owasp
Last synced: 04 Dec 2024
https://github.com/owasp/joomscan
OWASP Joomla Vulnerability Scanner Project https://www.secologist.com/
0day exploit joomla joomla-cms joomscan owasp scanner vulnerability-scanners vunerability
Last synced: 19 Dec 2024
https://github.com/OWASP/joomscan
OWASP Joomla Vulnerability Scanner Project https://www.secologist.com/
0day exploit joomla joomla-cms joomscan owasp scanner vulnerability-scanners vunerability
Last synced: 28 Oct 2024
https://github.com/saeeddhqan/Maryam
Maryam: Open-source Intelligence (OSINT) Framework
maryam osint owasp reconnaissance search-engine social-network
Last synced: 01 Nov 2024
https://github.com/OWASP/crAPI
completely ridiculous API (crAPI)
api apisecurity hacktoberfest owasp
Last synced: 27 Oct 2024
https://github.com/security-code-scan/security-code-scan
Vulnerability Patterns Detector for C# and VB.NET
analysis analyzer code dotnet owasp roslyn scan scanner security static static-analysis static-code-analysis
Last synced: 28 Oct 2024
https://github.com/yeswehack/vulnerable-code-snippets
Twitter vulnerable snippets
bugbounty code code-analyze example-code owasp snippets vulnerable web-application websecurity worst-practices
Last synced: 06 Dec 2024
https://github.com/openappsec/openappsec
open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo includes the main code and logic.
api-security application-security appsec devsecops kong kubernetes nginx nginx-proxy-manager owasp owasp-top-ten rate-limiting security-tools threat-prevention waf web-application-firewall
Last synced: 06 Nov 2024
https://github.com/stanislav-web/opendoor
OWASP WEB Directory Scanner
blackarch bruteforce dir-scanner dir-search directories-scanner dirscanner dirsearch owasp pentest proxies scanner
Last synced: 21 Dec 2024
https://github.com/stanislav-web/OpenDoor
OWASP WEB Directory Scanner
blackarch bruteforce dir-scanner dir-search directories-scanner dirscanner dirsearch owasp pentest proxies scanner
Last synced: 08 Nov 2024
https://github.com/owasp/owasp-vwad
The OWASP Vulnerable Web Applications Directory project (VWAD) is a comprehensive and well maintained registry of all known vulnerable web applications currently available.
appsec owasp vulnerable vulnerable-web-app vulnerable-web-application
Last synced: 03 Nov 2024
https://github.com/OWASP/OWASP-VWAD
The OWASP Vulnerable Web Applications Directory project (VWAD) is a comprehensive and well maintained registry of all known vulnerable web applications currently available.
appsec owasp vulnerable vulnerable-web-app vulnerable-web-application
Last synced: 10 Nov 2024
https://github.com/nuxt-modules/security
🛡 Automatically configure your app to follow OWASP security patterns and principles by using HTTP Headers and Middleware
basic-authentication cors csrf headers-security module nonce nuxt owasp rate-limiting security vue xss
Last synced: 20 Dec 2024
https://github.com/baroshem/nuxt-security
🛡 Automatically configure your app to follow OWASP security patterns and principles by using HTTP Headers and Middleware
basic-authentication cors csrf headers-security module nonce nuxt owasp rate-limiting security vue xss
Last synced: 27 Nov 2024
https://github.com/Baroshem/nuxt-security
🛡 Automatically configure your app to follow OWASP security patterns and principles by using HTTP Headers and Middleware
basic-authentication cors csrf headers-security module nonce nuxt owasp rate-limiting security vue xss
Last synced: 15 Nov 2024
https://github.com/OWASP/threat-dragon
An open source threat modeling tool from OWASP
owasp owasp-threat-dragon sdlc threat-dragon threat-modeling
Last synced: 02 Nov 2024
https://github.com/OWASP/DevSecOpsGuideline
The OWASP DevSecOps Guideline can help us embed security as a part of the development pipeline.
devsecops owasp security shift-left
Last synced: 25 Nov 2024
https://github.com/Zeyad-Azima/Offensive-Resources
Huge Learning Resources with Labs For Offensive Security Players
api api-security cloud-security cybersecurity hack hacking infrastructure learning mobile mobile-security offensive offensive-security owasp owasp-top-10 red-team red-teaming redteam security web web-security
Last synced: 21 Nov 2024
https://github.com/secureCodeBox/secureCodeBox
secureCodeBox (SCB) - continuous secure delivery out of the box
devsecops hacktoberfest kubernetes kubernetes-operator owasp owasp-zap securecodebox security security-automation security-testing security-tools
Last synced: 01 Nov 2024
https://github.com/tcosolutions/betterscan
Code Scanning/SAST/Static Analysis/Linting using many tools/Scanners with One Report (Code, IaC) - Betterscan
code-quality code-quality-analyzer compliance devops devops-tools devsecops gdpr owasp sast security-audit security-automation security-orchestration security-scanner security-tools sonarqube static-analysis static-analyzers static-code-analysis vulnerability vulnerability-scanner
Last synced: 14 Oct 2024
https://github.com/OWASP/IoTGoat
IoTGoat is a deliberately insecure firmware created to educate software developers and security professionals with testing commonly found vulnerabilities in IoT devices.
embedded-linux firmware firmware-security iot-security iot-security-testing openwrt owasp vulnerability-challenges
Last synced: 10 Nov 2024
https://github.com/appsecco/dvna
Damn Vulnerable NodeJS Application
dvna hack nodejs owasp owasp-top-10 security testing vulnerable vulnerable-apps
Last synced: 27 Oct 2024
https://github.com/owasp/zsc
OWASP ZSC - Shellcode/Obfuscate Code Generator https://www.secologist.com/
assembly linux obfuscator osx owasp python shellcode windows
Last synced: 16 Dec 2024
https://github.com/OWASP/ZSC
OWASP ZSC - Shellcode/Obfuscate Code Generator https://www.secologist.com/
assembly linux obfuscator osx owasp python shellcode windows
Last synced: 17 Nov 2024
https://github.com/cloudcomponents/cdk-constructs
A collection of higher-level reusable cdk constructs
aws aws-cdk backup bluegreen-deployment cdk chatops codecommit codedeploy codepipeline container contentful dependency-check devops ecs github msteams owasp slack stripe webhooks
Last synced: 18 Dec 2024
https://github.com/owasp-noir/noir
Attack surface detector that identifies endpoints by static analysis
attack-surface-detector attack-surfaces crystal crystal-lang devsecops endpoints hacktoberfest noir owasp owasp-noir pentesting security
Last synced: 20 Dec 2024
https://github.com/daveshanley/vacuum
vacuum is the world's fastest OpenAPI 3, OpenAPI 2 / Swagger linter and quality analysis tool. Built in go, it tears through API specs faster than you can think. vacuum is compatible with Spectral rulesets and generates compatible reports.
go golang lint linter linters linting oas openapi openapi-spec openapi-specification openapi3 openapi3-1 openapi3-validation openapi31 owasp spectral stoplight swagger swagger-spec swagger-specification
Last synced: 18 Dec 2024
https://github.com/cyclonedx/cdxgen
Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package managers. Integrate in your CI/CD pipeline with automatic submission to Dependency Track server. GPT: https://chatgpt.com/g/g-673bfeb4037481919be8a2cd1bf868d2-cdxgen
bom cbom containers cyclonedx docker oci owasp package-url purl saasbom sbom sca software-bill-of-materials supply-chain
Last synced: 21 Dec 2024
https://github.com/dependency-check/dependency-check-sonar-plugin
Integrates Dependency-Check reports into SonarQube
appsec component-analysis nvd owasp security software-security sonar-plugin sonarqube visibility vulnerabilities vulnerable-components
Last synced: 19 Nov 2024
https://github.com/CycloneDX/cdxgen
Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package managers. Integrate in your CI/CD pipeline with automatic submission to Dependency Track server. Google chat: https://chat.google.com/room/AAAA6l2dO60?cls=7
bom cbom containers cyclonedx docker oci owasp package-url purl saasbom sbom sca software-bill-of-materials supply-chain
Last synced: 02 Nov 2024
https://github.com/OWASP/www-project-kubernetes-top-ten
OWASP Foundation Web Repository
Last synced: 07 Nov 2024
https://github.com/insidersec/insider
Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, performing source code analysis to find vulnerabilities right in the source code, and focused on being agile and easy-to-implement software inside your DevOps pipeline. Supports the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).
android android-security cli csharp dotnet insider ios ios-security javascript kotlin maven nodejs owasp sast security-automation security-scanner security-tools static-analysis static-analyzer swift
Last synced: 21 Dec 2024
https://github.com/Safe3/uuWAF
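An industry-leading free, high-performance, AI and semantic technology web application and API security protection product - uuWAF. An industrial-grade, free, high-performance, highly extensible web application and API security protection product with support for AI and a semantic engine - 南墙 (uuWAF). Web application firewall, WAF, WAAP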
api-gateway api-security application-security ddos http-flood modsecurity owasp security uuwaf waap waf web-application-firewall web-security-gateway
Last synced: 28 Nov 2024
https://github.com/OWASP/OFFAT
The OWASP OFFAT tool autonomously assesses your API for prevalent vulnerabilities, though full compatibility with OAS v3 is pending. The project remains a work in progress, continuously evolving towards completion.
api-hacking api-rest api-security api-security-testing offat owasp
Last synced: 17 Nov 2024
https://github.com/OWASP/Python-Honeypot
OWASP Honeypot, Automated Deception Framework.
cybersecurity deception honeynet honeypot informationsecurity infosec owasp security
Last synced: 02 Nov 2024
https://github.com/juice-shop/juice-shop-ctf
Tool to export Juice Shop challenges and hints in data format compatible with CTFd, RootTheBox or FBCTF
24pullrequests application-security capture-the-flag ctf ctf-frameworks ctfd ctfd-database ctfd-setup facebook-ctf fbctf hacking hacktoberfest owasp owasp-juice-shop pentesting rootthebox rtb
Last synced: 22 Dec 2024
https://github.com/domain-protect/domain-protect
OWASP Domain Protect - prevent subdomain takeover
aws bugbounty cloudflare dns owasp security security-tools serverless terraform
Last synced: 19 Nov 2024
https://github.com/bmarsh9/gapps
Security compliance platform - SOC2, CMMC, ASVS, ISO27001, HIPAA, NIST CSF, NIST 800-53, CSC CIS 18, PCI DSS, SSF tracking. https://gapps.darkbanner.com
27002 asvs cis18 cmmc compliance csc grc hipaa iso27001 nist nist-csf nist800-53 owasp owasp-top-10 pci pci-dss security soc2
Last synced: 05 Nov 2024
https://github.com/cyclonedx/specification
OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reduction. SBOM, SaaSBOM, HBOM, AI/ML-BOM, CBOM, OBOM, MBOM, VDR, and VEX
bill-of-materials bom cbom cpe cyclonedx license machine-learning mbom owasp saasbom sbom software software-bill-of-materials spdx specification standard supply-chain swid tc54 vex
Last synced: 16 Nov 2024
https://github.com/CycloneDX/specification
OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reduction. SBOM, SaaSBOM, HBOM, AI/ML-BOM, CBOM, OBOM, MBOM, VDR, and VEX
bill-of-materials bom cbom cpe cyclonedx license machine-learning mbom owasp saasbom sbom software software-bill-of-materials spdx specification standard supply-chain swid tc54 vex
Last synced: 14 Nov 2024
https://github.com/corazawaf/coraza-caddy
OWASP Coraza middleware for Caddy. It provides Web Application Firewall capabilities
caddy caddyserver coreruleset go golang owasp security waf webapplicationfirewall
Last synced: 21 Dec 2024
https://github.com/cr0hn/nosqlinjection_wordlists
This repository contains payload to test NoSQL Injections
injection mongodb nosql-injections owasp payload wordlist
Last synced: 17 Dec 2024
https://github.com/joswha/Secure-Coding-Handbook
Web Application Secure Coding Handbook resource.
appsecurity blueteam owasp secure-coding secure-coding-practices security webappsecurity
Last synced: 08 Nov 2024
https://github.com/interference-security/DVWS
OWASP Damn Vulnerable Web Sockets (DVWS) is a vulnerable web application which works on web sockets for client-server communication.
mysql owasp php ratchet vulnerabilities websockets
Last synced: 17 Nov 2024
https://github.com/OWASP/vbscan
OWASP VBScan is a Black Box vBulletin Vulnerability Scanner
exploit owasp vbscan vbulletin vulnerability vulnerability-scanners
Last synced: 03 Nov 2024
https://github.com/cyclonedx/cyclonedx-cli
CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.
bill-of-materials bom cyclonedx hacktoberfest mbom obom owasp package-url purl saasbom sbom sbom-generator software-bill-of-materials spdx vex
Last synced: 15 Dec 2024
https://github.com/cyclonedx/cyclonedx-maven-plugin
Creates CycloneDX Software Bill of Materials (SBOM) from Maven projects
bill-of-materials bom cyclonedx maven maven-plugin mbom obom owasp package-url purl saasbom sbom sbom-generator software-bill-of-materials spdx vex
Last synced: 21 Dec 2024
https://github.com/sasanlabs/vulnerableapp
OWASP VulnerableApp Project: For Security Enthusiasts by Security Enthusiasts.
appsec burpsuite css hacktoberfest java javascript learn-security owasp owasp-zap payload-testing practice-hacking spring-boot test-vulnerability-scanning-tools vulnerability vulnerability-scanning vulnerable-application
Last synced: 20 Dec 2024
https://github.com/CycloneDX/cyclonedx-maven-plugin
Creates CycloneDX Software Bill of Materials (SBOM) from Maven projects
bill-of-materials bom cyclonedx maven maven-plugin mbom obom owasp package-url purl saasbom sbom sbom-generator software-bill-of-materials spdx vex
Last synced: 14 Nov 2024
https://github.com/SasanLabs/VulnerableApp
OWASP VulnerableApp Project: For Security Enthusiasts by Security Enthusiasts.
appsec burpsuite css hacktoberfest java javascript learn-security owasp owasp-zap payload-testing practice-hacking spring-boot test-vulnerability-scanning-tools vulnerability vulnerability-scanning vulnerable-application
Last synced: 21 Nov 2024
https://github.com/CycloneDX/cyclonedx-cli
CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.
bill-of-materials bom cyclonedx hacktoberfest mbom obom owasp package-url purl saasbom sbom sbom-generator software-bill-of-materials spdx vex
Last synced: 08 Nov 2024
https://github.com/OWASP/SecureTea-Project
The OWASP SecureTea Project provides a one-stop security solution for various devices (personal computers / servers / IoT devices)
antivirus firewall intrusion-detection-system local-web-deface-detection owasp owasp-securetea waf webapplicationfirewall
Last synced: 11 Nov 2024
https://github.com/gaprogman/owaspheaders.core
Inject OWASP recommended HTTP Headers for increased security in a single line
aspnetcore http-header middleware nuget owasp security
Last synced: 15 Dec 2024
https://github.com/GaProgMan/OwaspHeaders.Core
Inject OWASP recommended HTTP Headers for increased security in a single line
aspnetcore http-header middleware nuget owasp security
Last synced: 27 Oct 2024
https://github.com/juice-shop/multi-juicer
Host and manage multiple Juice Shop instances for security trainings and Capture The Flags
capture-the-flag ctf-platform hacking hacktoberfest juice-shop kubernetes owasp security
Last synced: 15 Dec 2024