appsec-tutorials

Star

Here are 19 public repositories matching this topic...

Language:All

Filter by language

All19 Java5 JavaScript4 Dockerfile1 HTML1 Jupyter Notebook1 PHP1 Python1

Sort:Most stars

Sort options

Most stars Fewest stars Most forks Fewest forks Recently updated Least recently updated

jassics /security-study-plan

Star4.8k

Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...

cybersecurity infosec application-security pentesting study-guide appsec aws-security study-plan security-testing api-security azure-security appsec-tutorials gcp-security devsecops-university cybersecurity-education study-planner

UpdatedDec 1, 2025

roottusk /vapi

Star1.3k

vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.

api docker php cors owasp postman exercises bugbounty appsec hacktoberfest vulnerable-application owasp-top-10 owasp-top-ten appsec-tutorials apitop10 hacktoberfest-accepted

UpdatedJan 10, 2025
HTML

HXSecurity /DongTai-agent-java

Star694

Java Agent is a Java application probe of DongTai IAST, which collects method invocation data during runtime of Java application by dynamic hooks.

java agent iast devsecops appsec-tutorials applicationsecuritymonitoring dongtai-iast security-scan

UpdatedDec 25, 2023
Java

yevh /VulnPlanet

Star164

Vulnerable code snippets with fixes for Web2, Web3, API, iOS, Android and Infrastructure-as-Code (IaC)

android api security ios code waf owasp poc vulnerability application-security pentesting vulnerabilities bugbounty web3 cve owasp-top-10 web2 codesecurity appsec-tutorials appsecurity

UpdatedAug 23, 2024

security-prince /Resources-for-Application-Security

Star142

Some good resources for getting started with application security

owasp infosec application-security ctf php-security appsec infosec-reference web-hacking websecurity security-engineering websec websecurity-reference appsec-tutorials

UpdatedJun 2, 2021

filipkarc /sqli-postgres-rce-privesc-hacking-playground

Star83

Application with SQL Injection vulnerability and possible privilege escalation. Free vulnerable app for ethical hacking / penetration testing training.

development hacking owasp penetration-testing infosec pentesting security-vulnerability bugbounty appsec sqlmap offensive-security offsec sqlinjection oscp security-testing privesc ethicalhacking appsec-tutorials bugbountytips privelage-escalation

UpdatedSep 15, 2022
PHP

we45 /ZAP-Mini-Workshop

Star41

Interactive IPython Notebook to demonstrate OWASP ZAP's API and Scripting Functions - OWASP ZAP 2.8.0

python jupyter-notebook owasp application-security appsec owasp-zap ipython-notebooks appsec-tutorials

UpdatedDec 8, 2022
Jupyter Notebook

SecuringTheStack /tutorials

Star40

Additional Resources For Securing The Stack Tutorials

tutorials owasp cybersecurity infosec appsec secure-coding websec appsec-tutorials

UpdatedSep 9, 2018
JavaScript

HXSecurity /DongTai-Plugin-IDEA

Star32

Dongtai-plugin-idea is an IDEA plug-in developed by DongTai team for Java Web application developers. This plug-in provides functions such as vulnerability detection and code audit during application development, enabling developers to find application vulnerabilities more intuitively, quickly and in real time during application development.

security code-quality idea-plugin intellij-platform iast devsecops appsec-tutorials applicationsecuritymonitoring dongtai-iast

UpdatedOct 17, 2023
Java

rstatsinger /contrast-java-webgoat-docker

Star27

Contrast Security Instrumentation for Dockerized Webgoat, with lab instructions.

security iast devsecops appsec-tutorials applicationsecuritymonitoring

UpdatedJun 9, 2022
Dockerfile

HXSecurity /DongTai-engine

Star20

This repository has been merged intohttps://github.com/HXSecurity/DongTai. DongTai-engine used to analyze the method data collected by the probe, analyze whether there are vulnerabilities in API requests through the algorithm of taint tracking, and is also responsible for timing tasks, including: expired log cleaning, probe state maintenance, …

docker django code-quality iast appsec-tutorials secuity applicationsecuritymonitoring dongtai-iast dongtai

UpdatedApr 12, 2022
Python

zzzteph /appsec.study

Sponsor

Star9

AppsecStudy - open-source elearning management system for information security

learning tutorial penetration-testing appsec-tutorials

UpdatedJan 9, 2024
JavaScript

wooyeol /reactnative_appsec

Star5

React Native AppSec Sample

security react-native appsec-tutorials

UpdatedApr 19, 2019
Java

thegoodparts /appsec

Star3

The Good Parts of Application Security: learn how to build and test secure webapps

java security spring spring-boot owasp sql-injection security-vulnerability appsec websecurity security-testing spring-boot-2 appsec-tutorials unvalidated-redirect

UpdatedNov 13, 2019
Java

jeroenvdmeer /cyberescaperoom

Star2

A playful introduction to web application vulnerabilities in the OWASP Top 10 while relying only on developer tools offered by modern web browsers.

security information owasp cybersecurity infosec ctf cyber appsec owasp-top-10 devsecops ctf-challenges appsec-tutorials

UpdatedJan 7, 2023
JavaScript

tienanh1211 /Study-Planner

Star1

Collaborate effectively with the Study Planner app. Organize study groups, track tasks, and chat in real-time. 🌟📅 Join us on GitHub!

java windows linux docker students open-source planner cross-platform docker-compose polito javafx pentesting flutter contributions-welcome azure-security appsec-tutorials devsecops-university study-planner

UpdatedAug 26, 2025
JavaScript

httpnotonly /AppSec-guidelines-ru

Star0

Гайды на русском

guidelines appsec appsec-tutorials appsecrussia

UpdatedDec 13, 2018

sahildari /secure-coding-examples

Sponsor

Star0

This repository provides practical examples for developers and security professionals seeking to implement secure coding practices in their applications and operational workflows. It covers common security vulnerabilities such as path manipulation, file upload flaws, and input validation issues, offering robust solutions to mitigate these risks.

fortify secure-coding sast appsec-tutorials checkmarx