Jeff Williams's starred repositories
BenchmarkJava
OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web app written in Java, it supports analysis by Static (SAST), Dynamic (DAST), and Runtime (IAST) tools that support Java. The idea is that since it is fully runnable and all the vulnerabilities are actually exploitable, it’s a fair test for any kind of vulnerability detection tool. For more details on this project, please see the OWASP Benchmark Project home page.
www-project-top-10-for-large-language-model-applications
OWASP Foundation Web Repository
contrast-rO0
A tiny Java agent that blocks attacks against unsafe deserialization
contrastscan-action
Contrast Scan GitHub action
sbom-comparator
Lockheed Martin-developed utility to compare two CycloneDX SBOMs
contrast-sca-action
Contrast SCA GitHub Action
integration-eks-github-action
A GitHub Action that builds, deploys, and instruments a Contrast Security Agent with an application via Amazon Elastic Kubernetes Service.
integration-aks-github-action
A GitHub Action that builds, deploys, and instruments a Contrast Security Agent with an application via Azure Kubernetes Service.
integration-azure-spring-cloud-github-action
A GitHub Action that deploys and instruments a Contrast Security Agent with an application via Azure Spring Cloud.
integration-verify-github-action
GitHub Action to verify an application by determining whether the application violates a job outcome policy or threshold of open vulnerabilities
spring-petclinic
Spring PetClinic modified to include vulnerabilities for the purpose of demonstrating the power of IAST and RASP.