Open-source projects categorized as application-security Edit details

Top 19 application-security Open-Source Projects

  • CheatSheetSeries

    The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

    Project mention: Complete Guide to Multi-Provider OAuth 2 Authorization in Node.js | | 2022-05-15

    Session Management Cheatsheet

  • juice-shop

    OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

    Project mention: Capture the flag: A Node.js web app vulnerability practice | | 2022-05-20

    Take a look at juice-shop as well.

  • Scout APM

    Less time debugging, more time building. Scout APM allows you to find and fix performance issues with no hassle. Now with error monitoring and external services monitoring, Scout is a developer's best friend when it comes to application development.

  • awesome-appsec

    A curated list of resources for learning about application security

    Project mention: Cybersecurity Repositories | | 2022-05-31


  • wstg

    The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

    Project mention: Web App Pentesting Career | | 2022-06-11

    Hi, sit and learn that's the best way, than may be EJPT.

  • WhatWeb

    Next generation web scanner

  • content

    Security automation content in SCAP, Bash, Ansible, and other formats (by ComplianceAsCode)

    Project mention: I wrote a Script to bring firefox into dISA STIG compliance on RHEL 7 & 8 systems. | | 2022-05-24
  • command-injection-payload-list

    🎯 Command Injection Payload List

  • SonarQube

    Static code analysis for 29 languages.. Your projects are multi-language. So is SonarQube analysis. Find Bugs, Vulnerabilities, Security Hotspots, and Code Smells so you can release quality code every time. Get started analyzing your projects today for free.

  • learn365

    This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.

    Project mention: Bug Bounty Resources | | 2022-05-29
  • Androl4b

    A Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis

  • awesome-php-security

    Awesome PHP Security Resources 🕶🐘🔐

    Project mention: resources to learn to not write dangerous code and prevent attacks | | 2021-12-09

    There are some great security related resources regarding PHP in this repo:

  • Application-Security-Engineer-Interview-Questions

    Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer

    Project mention: Cybersecurity Engineer interview for healthcare. Interview help. | | 2022-02-22
  • Damn-Vulnerable-Bank

    Damn Vulnerable Bank is designed to be an intentionally vulnerable android application. This provides an interface to assess your android application security hacking skills.

  • Burp-Suite

    || Activate Burp Suite Pro with Key-Generator and Key-Loader ||

    Project mention: Pahalı olduğundan dolayı indiremediğinz yazılım var mı? Ona göre korsanını atıcam. | | 2022-06-13 buna bak

  • ThreatPlaybook

    A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestration

    Project mention: SaaS Startup Security 101 - A quick guide for building secure SaaS | | 2022-03-25

    Threat modelling Look at some lightweight incremental threat modelling reviewing new user stories and then using labels to keep track of status. There are free tools such as threat playbook as well:

  • continuous-threat-modeling

    A Continuous Threat Modeling methodology

    Project mention: Building security in to Agile Srpints | | 2022-02-08

    Also checkout the DevSLOp YouTube channel, autodesks continuous threat modeling at and OWASPs ASVS. That should set you up quite nicely.

  • awesome-ios-security

    A curated list of awesome iOS application security resources.

    Project mention: Awesome List of iOS Application Security and Penetration Testing | | 2022-05-31
  • crimson

    Reconstruction and automation of the Web Application Security Testing methodology.

  • Admin-Panel_Finder

    A burp suite extension that enumerates infrastructure and application admin interfaces (OTG-CONFIG-005)

  • UnSAFE_Bank

    Vulnerable Banking Suite

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020). The latest post mention was on 2022-06-13.

application-security related posts


What are some of the best open-source application-security projects? This list will help you:

Project Stars
1 CheatSheetSeries 21,244
2 juice-shop 7,080
3 awesome-appsec 5,080
4 wstg 4,650
5 WhatWeb 3,964
6 content 1,630
7 command-injection-payload-list 1,365
8 learn365 1,177
9 Androl4b 981
10 awesome-php-security 800
11 Application-Security-Engineer-Interview-Questions 434
12 Damn-Vulnerable-Bank 383
13 Burp-Suite 259
14 ThreatPlaybook 230
15 continuous-threat-modeling 213
16 awesome-ios-security 203
17 crimson 124
18 Admin-Panel_Finder 93
19 UnSAFE_Bank 85
Find remote jobs at our new job board There is 0 new remote jobs listed recently.
Are you hiring? Post a new remote job listing for free.
Automate your Pull Request with Mergify
Mergify is the most powerful merge queue tool that offers speculative checks, batch merges, and multiple queueing options. Coordinated with any CI and fully integrated to GitHub. Get started or request a demo!