matt-

TheGreatEscape

node_sandbox_talk

Code to go with my talk "Thinking outside the Sandbox"

inspectjs

juice-shop

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

dhis2-core

DHIS2 Core. Written in Java. Contains the service layer and Web API.

extract-zip

Zip extraction written in pure JavaScript. Extracts a zip into a directory.

faction

Pen Test Report Generation and Assessment Collaboration

goof

Super vulnerable todo list application

grok

A tool to build beautiful documentation from TypeScript declaration files

Kudobot

Local-Mock-Server

This is a Electron app for spinning up a local mock server quickly

matt-

NodeTestBench

Intentionally Vulnerable Node Applications

odoo

Odoo. Open Source Apps To Grow Your Business.

pencilblue

Business class content management for Node.js (plugins, server cluster management, data-driven pages)

pong

The classic game pong, revisited

pygoat

intentionally vuln web Application Security in django

rengine

reNgine is an automated reconnaissance framework meant for information gathering during penetration testing of web applications. reNgine has customizable scan engines, which can be used to scan the websites, endpoints, and gather information.

sample-nodejs

⛵ App Platform sample Node.js application.

server

The core infrastructure backend (API, database, Docker, etc).

simple-gradle-codemod-tutorial

An example codemodder codemod

sjr

spring-petclinic

A sample Spring-based application

threat-dragon-core

OWASP Threat Dragon core files

VulnerableApp

OWASP VulnerableApp Project: For Security Enthusiasts by Security Enthusiasts.

WebGoat

WebGoat is a deliberately insecure application

wg2

writehat

A pentest reporting tool written in Python. Free yourself from Microsoft Word.

zulip

Zulip server and webapp - powerful open source team chat

zulip-desktop

Zulip Desktop Client