miguelfreitas93

KotlinGoat

A damn vulnerable Kotlin Android Application

DjangoGoat

Python and Django implementation of the OWASP RailsGoat project

miguelfreitas93.github.io

OMDB-Explorer-App

An Android App that uses OMDB API

wsdl2postman

Converter of WSDL format (URLs) to Postman format (.json) v2.1

AndroidGoat

Vulnerable Android application for developers and security enthusiasts to learn about Android insecurities

APIFuzzer

Fuzz test your application using your Swagger, OpenAPI or API Blueprint definition without coding

awesome-devsecops

An authoritative list of awesome devsecops tools with the help from community experiments and contributions.

Benchmark

OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web app written in Java, it supports analysis by Static (SAST), Dynamic (DAST), and Runtime (IAST) tools that support Java. The idea is that since it is fully runnable and all the vulnerabilities are actually exploitable, it’s a fair test for any kind of vulnerability detection tool. For more details on this project, please see the OWASP Benchmark Project home page.

cfn-diagram

CLI tool to visualise CloudFormation/SAM/CDK stacks as visjs networks, draw.io or ascii-art diagrams.

checkov

Prevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.

crAPI

completely ridiculous API (crAPI)

glue

Application Security Automation

Goatlin

(aka Kotlin Goat) - an intentionally vulnerable Kotlin application

JavaGoat

WebGoat 8.0

kics

KICS - Keeping Infrastructure as Code Secure

miguelfreitas93

Personal Repository

MindAPI

Organize your API security assessment by using MindAPI. It's free and open for community collaboration.

NodeGoat2

OWASP Juice Shop is an intentionally insecure webapp for security trainings written entirely in Javascript which encompasses the entire OWASP Top Ten and other severe security flaws.

owasp-masvs

The Mobile Application Security Verification Standard (MASVS) is a standard for mobile app security.

PHPGoat-DVWA

Damn Vulnerable Web Application (DVWA)

PythonGoat

A deliberately-vulnerable website and exercises for teaching about the OWASP Top 10

RubyGoat

A vulnerable version of Rails that follows the OWASP Top 10

RubyGoat2

A Rails application that is intentionally designed to be insecure. This is for training purposes only.

saml2

Node module to abstract away the complexities of the SAML protocol behind an easy to use interface.

ScalaGoat-Akka

TnT-Fuzzer

OpenAPI 2.0 (Swagger) fuzzer written in python. Basically TnT for your API.

truffleHog

Searches through git repositories for high entropy strings and secrets, digging deep into commit history

VisualStudio

Visual Studio Checkmarx Plugin

xss-payload-list

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List