Giters
Sonar (SonarSource)

Sonar

SonarSource

Geek Repo

The home of Clean Code

Location:Switzerland

Home Page:https://www.sonarsource.com

Twitter:@SonarSource

Github PK Tool:Github PK Tool

Sonar's repositories

argument-injection-vectors

A curated list of argument injection vectors

Language:HTMLLicense:GPL-3.0Stargazers:34Issues:0Issues:0

travis-utils

Toolset for SonarSource jobs on Travis

Language:ShellLicense:LGPL-3.0Stargazers:8Issues:0Issues:0

php-test-sources

Language:PHPLicense:LGPL-3.0Stargazers:4Issues:21Issues:0

Benchmark

OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web app written in Java, it supports analysis by Static (SAST), Dynamic (DAST), and Runtime (IAST) tools that support Java. The idea is that since it is fully runnable and all the vulnerabilities are actually exploitable, it’s a fair test for any kind of vulnerability detection tool. For more details on this project, please see the OWASP Benchmark Project home page.

Language:JavaLicense:GPL-2.0Stargazers:3Issues:9Issues:0

buildTools

DEPRECATED

Language:PythonLicense:LGPL-3.0Stargazers:3Issues:16Issues:0

sonar-config

Configuration for SonarIaC plugin

Language:JavaLicense:LGPL-3.0Stargazers:3Issues:16Issues:0

Damn-Vulnerable-GraphQL-Application

Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.

Language:JavaScriptLicense:MITStargazers:2Issues:1Issues:0

FlowBlot.NET

FlowBlot is static code analysis benchmark project by Codethreat, including sink-source challenges grouped into various technical analysis concepts.

License:GPL-3.0Stargazers:2Issues:0Issues:0

goof

Super vulnerable todo list application

Language:JavaScriptLicense:Apache-2.0Stargazers:2Issues:2Issues:0

interns.wearesonarsource.com

Language:HTMLLicense:LGPL-3.0Stargazers:2Issues:19Issues:0

juice-shop

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

Language:TypeScriptLicense:MITStargazers:2Issues:2Issues:0

official-images

Primary source of truth for the Docker "Official Images" program

Language:ShellLicense:Apache-2.0Stargazers:2Issues:2Issues:0

skf-labs

Repo for all the OWASP-SKF Docker lab examples

Language:PythonLicense:Apache-2.0Stargazers:2Issues:2Issues:0

sonarcloud-github-static-resources

Static resources used related to GitHub

License:LGPL-3.0Stargazers:2Issues:18Issues:0

WebGoat

WebGoat 8.0

Language:JavaScriptLicense:NOASSERTIONStargazers:2Issues:0Issues:0

AltoroJ

WARNING: This app contains security vulnerabilities. AltoroJ is a sample banking J2EE web application. It shows what happens when web applications are written with consideration of app functionality but not app security. It's a simple and uncluttered platform for demonstrating and learning more about real-life application security issues.

Language:JavaLicense:Apache-2.0Stargazers:1Issues:2Issues:0

CaYC-research

Clean as You Code research

License:LGPL-3.0Stargazers:1Issues:0Issues:0

DSVW

Damn Small Vulnerable Web

License:UnlicenseStargazers:1Issues:0Issues:0

dvna

Damn Vulnerable NodeJS Application

Language:CSSLicense:MITStargazers:1Issues:2Issues:0

DVWA

Damn Vulnerable Web Application (DVWA)

Language:PHPLicense:GPL-3.0Stargazers:1Issues:7Issues:0

gh-action_nightly_build

Language:ShellLicense:LGPL-3.0Stargazers:1Issues:5Issues:0

gh-action_public_git_sync

Language:ShellLicense:LGPL-3.0Stargazers:1Issues:20Issues:0

go

The Go programming language

License:BSD-3-ClauseStargazers:1Issues:0Issues:0

mutillidae

OWASP Mutillidae II is a free, open source, deliberately vulnerable web-application providing a target for web-security enthusiast. Mutillidae can be installed on Linux and Windows using LAMP, WAMP, and XAMMP. It is pre-installed on SamuraiWTF and OWASP BWA. The existing version can be updated on these platforms. With dozens of vulnerabilities and hints to help the user; this is an easy-to-use web hacking environment designed for labs, security enthusiast, classrooms, CTF, and vulnerability assessment tool targets. Mutillidae has been used in graduate security courses, corporate web sec training courses, and as an "assess the assessor" target for vulnerability assessment software.

Language:PHPStargazers:1Issues:0Issues:0

NodeGoat

The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.

Language:HTMLLicense:Apache-2.0Stargazers:1Issues:2Issues:0

re-vault-plugins

Building plugins for HashiCorp Vault

License:LGPL-3.0Stargazers:1Issues:14Issues:0

SecurityShepherd

Web and mobile application security training platform

Language:JavaLicense:GPL-3.0Stargazers:1Issues:1Issues:0

vulnerable-node

A very vulnerable web site written in NodeJS with the purpose of have a project with identified vulnerabilities to test the quality of security analyzers tools tools

Language:JavaScriptLicense:NOASSERTIONStargazers:1Issues:2Issues:0

WebGoat.Net-benchmark

OWASP WebGoat.NET

Language:C#Stargazers:1Issues:1Issues:0

xvwa

XVWA is a badly coded web application written in PHP/MySQL that helps security enthusiasts to learn application security.

Language:PHPLicense:GPL-3.0Stargazers:1Issues:1Issues:0