juice-shop / Juice Shop - OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
OWASP / Top10 - Official OWASP Top 10 Document Repository
OWASP / NodeGoat - The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.
xalgord / Massive Web Application Penetration Testing Bug Bounty Notes - A comprehensive guide for web application penetration testing and bug bounty hunting, covering methodologies, tools, and resources for identifying and exploiting vulnerabilities.
webpwnized / Mutillidae - OWASP Mutillidae II is a free, open-source, deliberately vulnerable web application providing a target for web-security training. This is an easy-to-use web hacking environment designed for labs, security enthusiasts, classrooms, CTF, and vulnerability assessment tool targets.
akto-api-security / Akto - Proactive, open source API security → API discovery, API Security Posture, Testing in CI/CD, Test Library with 1000+ Tests, Add custom tests, Sensitive data exposure
roottusk / Vapi - vAPI is a Vulnerable Adversely Programmed Interface, a self-hostable API that mimics OWASP API Top 10 scenarios through exercises.
erev0s / VAmPI - Vulnerable REST API with OWASP Top 10 vulnerabilities for security testing
OWASP / Www Project Top 10 For Large Language Model Applications - OWASP Top 10 for Large Language Model Apps (Part of the GenAI Security Project)
Zeyad-Azima / Offensive Resources - A huge collection of learning resources with labs for offensive security players
globocom / SecDevLabs - A laboratory for learning secure web and mobile development in a practical manner.
OWASP / Railsgoat - A vulnerable version of Rails that follows the OWASP Top 10
alexbieber / Bug Bounty Writeups - BUG BOUNTY WRITEUPS - OWASP TOP 10 🔴🔴🔴🔴✔
appsecco / Dvna - Damn Vulnerable NodeJS Application
bmarsh9 / Gapps - Security compliance platform - SOC2, CMMC, ASVS, ISO27001, HIPAA, NIST CSF, NIST 800-53, CSC CIS 18, PCI DSS, SSF tracking
insidersec / Insider - Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, analyzing source code to find vulnerabilities right in the source code, with a focus on agile, easy-to-implement software inside your DevOps pipeline. Supports the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and JavaScript (Node.js).
OWASP / IGoat Swift - OWASP iGoat (Swift) - A Damn Vulnerable Swift Application for iOS
prateek147 / DVIA - Damn Vulnerable iOS App (DVIA) is an iOS application that is damn vulnerable. Its main goal is to provide a platform for mobile security enthusiasts, professionals, and students to test their iOS penetration testing skills in a legal environment. This application covers all the common vulnerabilities found in iOS applications (following the OWASP Top 10 mobile risks) and contains several challenges that the user can try. This application also contains a section where a user can read various articles on iOS application security. This project is developed and maintained by @prateekg147. The vulnerabilities and solutions covered in this app are tested up to iOS 8.1.
ossamayasserr / WebAppPentestRoadmap - Roadmap for Web Application Penetration Testing | FREE Resources (Not Pirated)
teler-sh / Teler Waf - teler-waf is a Go HTTP middleware that protects local web services from OWASP Top 10 threats, known vulnerabilities, malicious actors, botnets, unwanted crawlers, and brute force attacks.