vapi
ASVS
vapi | ASVS | |
---|---|---|
3 | 8 | |
1,115 | 2,534 | |
- | 1.6% | |
1.1 | 9.4 | |
9 months ago | 6 days ago | |
HTML | HTML | |
GNU General Public License v3.0 only | Creative Commons Attribution Share Alike 4.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
vapi
-
Assistance with vAPI Docker Compose Not Initiating 80:80 `vapi-www` Container
I have cloned Git Repo to my local Mac on Big Ventura for vAPI and running:
- A good course on API Tesing?
- Looking for webapp/api related books recommendations
ASVS
-
A Decade of Have I Been Pwned
2. See OWASP ASVS 4.0 2.1.7 https://github.com/OWASP/ASVS/blob/master/4.0/en/0x11-V2-Aut..., See
-
API Configuration
Go through all OWASP ASVS test cases which relate to APIs: https://github.com/OWASP/ASVS
-
Dozens of high-traffic websites vulnerable to ‘account pre-hijacking’, study
- Unexpired Email Change (UE)
possibly CWE-306?
CWE-306: Missing Authentication for Critical Function <https://cwe.mitre.org/data/definitions/306.html>
and for OWASP ASVP <https://owasp.org/www-project-application-security-verificat...> possibly 3.7.1?<https://github.com/OWASP/ASVS/blob/v4.0.3_release/4.0/en/0x1...>
3.7.1
- What security measures should one keep in mind when developing a fin-tech app ?
- Looking for webapp/api related books recommendations
- Is storing JSON Web token in local storage safe?
- How to setup a workflow for scanning?
-
best programming language.
If you want to ensure a high level of security and data protection for your web app, look no further than the OWASP ASVS: https://github.com/OWASP/ASVS
What are some alternatives?
django-DefectDojo - DevSecOps, ASPM, Vulnerability Management. All on one platform.
owasp-masvs - The OWASP MASVS (Mobile Application Security Verification Standard) is the industry standard for mobile app security.
lockphish - Lockphish it's the first tool (07/04/2020) for phishing attacks on the lock screen, designed to grab Windows credentials, Android PIN and iPhone Passcode using a https link.
CheatSheetSeries - The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
31-days-of-API-Security-Tips - This challenge is Inon Shkedy's 31 days API Security Tips.
NodeGoat - The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.
sqli-postgres-rce-privesc-hacking-playground - Application with SQL Injection vulnerability and possible privilege escalation. Free vulnerable app for ethical hacking / penetration testing training.
gapps - Security compliance platform - SOC2, CMMC, ASVS, ISO27001, HIPAA, NIST CSF, NIST 800-53, CSC CIS 18, PCI DSS, SSF tracking. https://gapps.darkbanner.com
juice-shop - OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
hacktoberfest2022 - Use this repo for your first time Contributions. Find UI bugs, add improvements anything related to the repo.
Web-Development-Projects - Repo for Web Development Projects