application-security

Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...

cybersecurity infosec application-security pentesting study-guide appsec aws-security study-plan security-testing api-security azure-security appsec-tutorials gcp-security devsecops-university cybersecurity-education study-planner

UpdatedDec 1, 2025

payloadbox /command-injection-payload-list

Star3.7k

🎯 Command Injection Payload List

windows macos linux security application unix command os injection vulnerability application-security security-vulnerability bugbounty payload command-injection security-testing security-research vulnerability-research payload-list os-injection

UpdatedJul 18, 2024

ComplianceAsCode /content

Star2.6k

Security automation content in SCAP, Bash, Ansible, and other formats

security ansible cybersecurity pci-dss application-security compliance scap hardening security-hardening xccdf oval cpe information-security cce usgcb ospp stig security-automation security-tools security-profile

UpdatedDec 17, 2025
Shell

s4n7h0 /xvwa

Star1.7k

XVWA is a badly coded web application written in PHP/MySQL that helps security enthusiasts to learn application security.

mysql php knowledge vulnerability application-security xvwa learning-appsec

UpdatedSep 12, 2020
PHP

metlo-labs /metlo

Star1.7k

Metlo is an open-source API security platform.

aws security monitoring api-gateway cybersecurity infosec application-security vulnerabilities bugbounty pentest vulnerability-detection api-security api-pentest infosectools bugbounty-tools metlo

UpdatedJul 25, 2025
TypeScript

harsh-bothra /learn365

Sponsor

Star1.7k

This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.

learning community infosec application-security pentesting vulnerabilities bugbounty pentesting-tools bugbountytips

UpdatedJun 20, 2022

JakobTheDev /awesome-devsecops

Star1.6k

Curating the best DevSecOps resources and tooling.

devops awesome application-security awesome-list hacktoberfest devsecops secure-software-development

UpdatedAug 2, 2024

Safe3 /uusec-waf

Star1.5k

Industry-leading free, high-performance, AI and semantic technology Web Application Firewall and API Security Gateway (WAAP) - UUSEC WAF.

letsencrypt security ddos api-gateway waf xss owasp sql-injection application-security modsecurity web-application-firewall data-mask hips rasp api-security waap web-security-gateway uuwaf uusec-waf uusec

UpdatedDec 15, 2025
Lua

openappsec /openappsec

Star1.5k

open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo include the main code and logic.

nginx kubernetes rate-limiting waf owasp kong application-security appsec web-application-firewall security-tools owasp-top-ten devsecops api-security nginx-proxy-manager threat-prevention

UpdatedNov 26, 2025
C++

m14r41 /PentestingEverything

Star1.4k

application-security infrastucture source-code appsec network-security forensic-analysis iot-security-testing docker-security wifi-hacking thick-client active-directory-security mobile-pentesting api-pentesting

UpdatedNov 16, 2025

user1342 /Awesome-Android-Reverse-Engineering

Star1.4k

A curated list of awesome Android Reverse Engineering training, resources, and tools.

android training awesome tools reverse-engineering application-security awesome-list malware-analysis ctfs crackmes mobsec

UpdatedJul 8, 2025

JANUSEC Application Gateway provides secure access, including reverse proxy, K8S Ingress Controller, Automatic ACME Certificate, WAF, 5-Second Shield, CC Defense, OAuth2 Authentication, Global Server Load Balance, and Cookie Compliance etc. JANUSEC应用网关，提供安全的接入，包括反向代理、K8S Ingress Controller、自动化ACME证书、WAF、5秒盾、CC防御、OAuth2身份认证、GSLB负载均衡与Cookie合规等。

golang security acme gateway waf sql-injection application-security web-application-firewall port-forwarding gslb web-application-security web-ssh cookie-banner application-gateway load-balance janusec-application-gateway janusec k8s-ingress-controller cookie-compliance

UpdatedAug 23, 2025
Go

sh4hin /Androl4b

Star1.2k

A Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis

android reverse-engineering penetration-testing application-security malware-analyzer mobile-security

UpdatedMay 31, 2023

Quitten /Autorize

Star1.1k

Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests

authorization application-security jython burp-plugin burpsuite authorization-enforcement

UpdatedJul 3, 2025
Python

Improve this page

Add a description, image, and links to theapplication-security topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with theapplication-security topic, visit your repo's landing page and select "manage topics."

Learn more

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

application-security

Here are 365 public repositories matching this topic...

OWASP /CheatSheetSeries

chaitin /SafeLine

juice-shop /juice-shop

OWASP /wstg

paragonie /awesome-appsec

urbanadventurer /WhatWeb

jassics /security-study-plan

payloadbox /command-injection-payload-list

ComplianceAsCode /content

s4n7h0 /xvwa

metlo-labs /metlo

harsh-bothra /learn365

JakobTheDev /awesome-devsecops

Safe3 /uusec-waf

openappsec /openappsec

m14r41 /PentestingEverything

user1342 /Awesome-Android-Reverse-Engineering

Janusec /janusec

sh4hin /Androl4b

Quitten /Autorize

Improve this page

Add this topic to your repo