Top #appsec Tools & Software

CheatSheetSeries

github

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

SafeLine

github

SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.

zaproxy

github

The ZAP by Checkmarx Core project

dirsearch

github

Web path scanner

juice-shop

github

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

wstg

github

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

awesome-web-hacking

github

A list of web application security

WhatWeb

github

Next generation web scanner

Security-101

github

8 Lessons, Kick-start Your Cybersecurity Learning.

faraday

github

Open Source Vulnerability Management Platform

w3af

github

w3af: web application attack and audit framework, the open source web vulnerability scanner.

django-DefectDojo

github

Open-Source Unified Vulnerability Management, DevSecOps & ASPM

interactsh

github

An OOB interaction gathering server and client library

dependency-track

github

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

bearer

github

Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.

kics

github

Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.

cicd-goat

github

A deliberately vulnerable CI/CD environment. Learn CI/CD security through multiple challenges.