The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
-
Updated
Feb 3, 2025 - Python
#
application-security
Here are 52 public repositories matching this topic...
Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests
-
Updated
Jan 13, 2025 - Python
Mantis is a security framework that automates the workflow of discovery, reconnaissance, and vulnerability scanning.
osint application-security pentesting recon bugbounty hacktoberfest security-tools product-security attack-surface-management caasm
-
Updated
Feb 1, 2025 - Python
Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records.
python security phishing python3 emails cybersecurity penetration-testing spf infosec application-security pentesting appsec dmarc deliverability email-security redteam penetration-testing-tools
-
Updated
Oct 19, 2024 - Python
Watchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.
security application-security security-vulnerability bugbounty vulnerability-management vulnerability-assessment network-security security-tools pentest-tool security-testing penetration-testing-framework cve-search cve-databases product-security
-
Updated
Jul 18, 2018 - Python
A Burp extension helps identifying injection flaws (LFI, RCE, SQLi), authentication/authorization issues, and HTTP 403 access violations, while also converting HTTP requests to JavaScript for enhanced XSS exploitation.
hacking cybersecurity penetration-testing application-security pentesting appsec hacking-tool burpsuite offsec burp-extensions offensivesecurity
-
Updated
Oct 16, 2024 - Python
Fast Advanced Spam Analysis Tool
python docker security ansible ansible-playbook docker-image smtp outlook application-security mail-analyzer spam-analyzer streamparse apache-storm dialect spamscope
-
Updated
Mar 18, 2024 - Python
A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestration
-
Updated
Dec 28, 2024 - Python
Web Application Security Testing Tools
-
Updated
Mar 13, 2024 - Python
Burp Suite extension for bypassing client-side encryption for pentesting and bug bounty
python security encryption cybersecurity penetration-testing bug-bounty infosec application-security pentesting bugbounty burp-plugin burpsuite burp-extensions burpsuite-extender
-
Updated
Jan 20, 2025 - Python
Detects the algorithm of input JWT Token and provide options to generate the new JWT token based on the user selected algorithm.
python automation jwt authentication authorization jwt-tokens application-security pentesting bugbounty appsec vulnerability-assessment jwt-algorithm security-enthusiasts jwt-algorithm-confusion-attack
-
Updated
Sep 27, 2023 - Python
SQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing
windows active-directory penetration-testing sql-injection mssql application-security burp-plugin burp-extensions user-enumeration
-
Updated
May 10, 2020 - Python
Tool for breaking into web applications.
-
Updated
Aug 16, 2019 - Python
This repository contains cheatsheets and payloads compiled from completing the labs at PortSwigger Academy.
-
Updated
Dec 29, 2024 - Python
Identifying Open-Source License Violation and 1-day Security Risk at Large Scale
-
Updated
Jan 23, 2018 - Python
Vimana is an experimental security framework that aims to provide resources for auditing Python web applications.
experimental django-application hacking django-templates secops application-security flask-security information-security hacking-tool python-security django-template-language devsecops security-framework hacking-framework python3-application hackingtools django-security
-
Updated
Jan 21, 2025 - Python
A small tool to help developers understand a huge set of security requirements from appsec teams
-
Updated
Sep 2, 2022 - Python
A security tool designed to perform thorough scans on a target using OpenVAS, Zap, and Nexpose. It seamlessly consolidates and integrates the scan results, providing a comprehensive overview of the security vulnerabilities identified.
cli security-audit zap owasp application-security security-vulnerability openvas owasp-zap security-scanner nexpose security-tools web-application-security security-testing owasp-top openvas-cli openvas-reports
-
Updated
Dec 5, 2024 - Python
An ongoing & curated collection of awesome software practices and remediation, libraries and frameworks,payloads and techniques, best guidelines and technical resources about Application Security
application application-security web-security security-vulnerability security-hardening appsec vulnerability-scanners security-scanner security-tools web-security-research security-testing endpoint-security mobilesecurity mdm-server developer-security security-advisory
-
Updated
Sep 23, 2023 - Python
"Sucosh" is an automated Source Code vulnerability scanner and assessment framework for Python(Flask-Django) & NodeJs capable of performing code review in Web Application Developing or Source Code Analysis processes.
-
Updated
May 20, 2024 - Python
Improve this page
Add a description, image, and links to the application-security topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the application-security topic, visit your repo's landing page and select "manage topics."