#shell #security #guide #best_practices #owasp #penetration_testing #application_security #pentesting #bugbounty #appsec #vulnerability_assessment #appsec_tutorials #wstg
https://github.com/OWASP/wstg
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services. - OWASP/wstg
#other #appsecurity #blueteam #owasp #securecoding #security #webappsecurity
https://github.com/joswha/Secure-Coding-Handbook
Web Application Secure Coding Handbook resource. Contribute to joswha/Secure-Coding-Handbook development by creating an account on GitHub.
#typescript #24pullrequests #application_security #appsec #ctf #hacking #hacktoberfest #javascript #owasp #owasp_top_10 #owasp_top_ten #pentesting #vulnapp #vulnerable
https://github.com/juice-shop/juice-shop
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application - juice-shop/juice-shop
#html #api #apitop10 #appsec #appsec_tutorials #bugbounty #bugbounty_tool #cors #docker #exercises #hacktoberfest #hacktoberfest_accepted #owasp #owasp_top_10 #owasp_top_ten #php #postman #vulnerable_application
https://github.com/roottusk/vapi
vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises. - roottusk/vapi
#html #analytics #appsec #automation #devsecops #django #hacktoberfest #kubernetes #owasp #python #security #security_automation #security_orchestration #vulnerability_correlation #vulnerability_databases #vulnerability_management
https://github.com/DefectDojo/django-DefectDojo
Open-Source Unified Vulnerability Management, DevSecOps & ASPM - DefectDojo/django-DefectDojo
#html #blueteam #cloud_native #cloud_security #cloudsecurity #container #container_security #devsecops #docker #hacking #infrastructure #k8s #kubernetes #kubernetes_goat #kubernetes_security #owasp #pentesting #redteam #security #vulnerable_app
https://github.com/madhuakula/kubernetes-goat
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀 - madhuakula/kubernetes-goat
#python #anssi #audit #bsi #cis #compliance #cybersecurity #dora #ebios_rm #fedramp #gdpr #grc #hipaa #isms #iso27001 #nis2 #nist #owasp #privacy #risk_management #soc2
CISO Assistant is a tool that helps manage cyber security and compliance. Here’s what you need to know:
- It separates compliance from cybersecurity controls, making it easier to manage.
- It includes built-in standards, security controls, and threat catalogs.
- You can assess risks and create remediation plans.
- It supports many frameworks like ISO 27001, NIST, GDPR, and more.
- You can use your own frameworks and manage audits, evidence collection, and reports.
Using CISO Assistant saves time by allowing you to reuse assessments, assess multiple frameworks at once, and automate reporting. It's developed by intuitem and has a free trial available. You can run it locally using Docker or join the community on Discord for support. This tool helps cyber security teams streamline their processes and reduce paperwork.
https://github.com/intuitem/ciso-assistant-community
CISO Assistant is a one-stop-shop GRC platform for Risk Management, AppSec, Compliance & Audit, TPRM, Privacy, and Reporting. It supports 100+ global frameworks with automatic control mappi...
#go #attack_surfaces #dns #enumeration #go #golang #information_gathering #maltego #network_security #osint #osint_reconnaissance #owasp #recon #subdomain
OWASP Amass is a tool that helps you find and map all the parts of a company's online presence, like websites, servers, and other internet-connected assets. It uses various techniques such as checking APIs, certificates, DNS records, and web archives to gather this information. This tool is useful because it gives you a complete picture of your company's attack surface, helping you identify potential security risks and protect your assets better. You can install it easily using prebuilt packages, Docker, or by compiling it from source code. The community supports it actively, and there are many resources available to help you get started and troubleshoot any issues.
https://github.com/owasp-amass/amass
In-depth attack surface mapping and asset discovery - owasp-amass/amass
#dockerfile #application_security #appsec #best_practices #bugbounty #guide #hacking #hacktoberfest #owasp #penetration_testing #pentesting #security
The OWASP Web Security Testing Guide (WSTG) is a comprehensive resource for testing the security of web applications and services. Created by security professionals and volunteers, it provides a framework of best practices used globally. The guide is constantly updated, with the current version being 5.0, and previous stable releases like 4.2 available. Users can benefit by learning detailed methods for securing web applications, contributing to the guide through feedback or translations, and connecting with the community via Slack, Twitter, or Google Groups. This helps ensure your web applications are secure and up-to-date with the latest security standards.
https://github.com/OWASP/wstg