owasp-top-10
Here are 277 public repositories matching this topic...
Language:All
Sort:Most stars
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
- Updated
Mar 18, 2025 - TypeScript
🎯 SQL Injection Payload List
- Updated
Jul 18, 2024
A comprehensive guide for web application penetration testing and bug bounty hunting, covering methodologies, tools, and resources for identifying and exploiting vulnerabilities.
- Updated
Sep 20, 2024
OWASP Mutillidae II is a free, open-source, deliberately vulnerable web application providing a target for web-security training. This is an easy-to-use web hacking environment designed for labs, security enthusiasts, classrooms, CTF, and vulnerability assessment tool targets.
- Updated
Feb 26, 2025 - PHP
Proactive, Open source API security → API discovery, API Security Posture, Testing in CI/CD, Test Library with 1000+ Tests, Add custom tests, Sensitive data exposure
- Updated
Mar 18, 2025 - Java
vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.
- Updated
Jan 10, 2025 - HTML
A Huge Learning Resources with Labs For Offensive Security Players
- Updated
Jul 13, 2022
A laboratory for learning secure web and mobile development in a practical manner.
- Updated
Sep 25, 2024 - PHP
Damn Vulnerable NodeJS Application
- Updated
Mar 27, 2024 - SCSS
Security compliance platform - SOC2, CMMC, ASVS, ISO27001, HIPAA, NIST CSF, NIST 800-53, CSC CIS 18, PCI DSS, SSF tracking.https://gapps.darkbanner.com
- Updated
Jan 13, 2025 - HTML
OWASP iGoat (Swift) - A Damn Vulnerable Swift Application for iOS
- Updated
Jul 19, 2024 - C
Think of Local sheriff as a recon tool in your browser (WebExtension). While you normally browse the internet, Local Sheriff works in the background to empower you in identifying what data points (PII) are being shared / leaked to which all third-parties.
- Updated
Dec 11, 2022 - JavaScript
Roadmap for Web Application Penetration Testing | FREE Resources (Not Pirated)
- Updated
Aug 25, 2023 - Python
Enhance the security of your web applications effortlessly with AWS Firewall Factory. Safeguard your valuable assets through seamless WAF deployment, updates, and staging, all centrally managed with AWS Firewall Manager.
- Updated
Mar 17, 2025 - TypeScript
Bypass 4xx HTTP response status codes and more. The tool is based on Python Requests, PycURL, and HTTP Client.
- Updated
Mar 17, 2025 - Python
🚀 Join us for 30days of daily API security tests. #30days30tests We've spent last 120days building amazing API security tests for the community. Next 30 days we will post test tutorials here.
- Updated
May 22, 2023
OWASP ASST (Automated Software Security Toolkit) | A Novel Open Source Web Security Scanner.
- Updated
Jan 22, 2025 - JavaScript
A burp suite extension that reviews backup, old, temporary and unreferenced files on web server for sensitive information (OWASP WSTG-CONF-04, OTG-CONFIG-004)
- Updated
Mar 27, 2024 - Java
Vulnerable code snippets with fixes for Web2, Web3, API, iOS, Android and Infrastructure-as-Code (IaC)
- Updated
Aug 23, 2024
API Security Vulnerability Scanner designed to help you secure your APIs.
- Updated
Mar 16, 2025 - Go
Improve this page
Add a description, image, and links to theowasp-top-10 topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with theowasp-top-10 topic, visit your repo's landing page and select "manage topics."