KushalVenkatesh

bopscrk

Tool to generate smart and powerful wordlists

CheatSheetSeries

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

drek

A static-code-analysis tool for performing security-focused code reviews. It enables an auditor to swiftly map the attack-surface of a large application, with an emphasis on identifying development anti-patterns and footguns.

faraday

Collaborative Penetration Test and Vulnerability Management Platform

graudit

grep rough audit - source code auditing tool

HUNT

megagrep

Megagrep helps beginning a code review by searching for keywords in the code using "grep". It does not search for vulnerabilities directly but for places where you could manually find some.

msfpc

MSFvenom Payload Creator (MSFPC)

Python-Penetration-Testing-Cookbook

Python Penetration Testing Cookbook, published by Packt

Application-Security-Interview-Questions

Here are some common interview questions for an application security position you can review for your own interview, along with example answers

awesome-appsec

A curated list of resources for learning about application security

burp-log4shell

Log4Shell scanner for Burp Suite

code-reviews

code reviews to practice

CodeAllTheThings

A list of threat sinks used in the manual security source code review for application security

cpython

The Python programming language

HopLa

HopLa Burp Suite Extender plugin - Adds autocompletion support and useful payloads in Burp Suite

OWASP-Testing-Checklist

OWASP based Web Application Security Testing Checklist is an Excel based checklist which helps you to track the status of completed and pending test cases.

OWASP-Web-Checklist

OWASP Web Application Security Testing Checklist

PassGen

A targeted password brute force tool

Pycreviewer

C source code reviewing tool in Python.

secure-code-review-checklist

secure-code-review-checklist-1

A starter secure code review checklist

secure-paper-bidding

Code repo for the ICML 2021 paper "Making Paper Reviewing Robust to Bid Manipulation Attacks".

secure_code_review_checklist

semgrep

Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.

sonarqube

Continuous Inspection

Symantec-Site-Review-Automation

This application lets you test the websites stored as a list in the excel sheet and check their category as per Symantec security rate

wastc

Secure-D Web Application Security Test Checklist summarizes well-known weaknesses, vulnerabilities and best practices into review topics with short description and recommendation. Its objective is to aid penetration tester to review the web application thoroughly.

web-pentesting

Repo oriented to web app testing

github-slideshow

A robot powered training repository :robot: