traw's repositories
ant-application-security-testing-benchmark
xAST评价体系,让安全工具不再“黑盒”. The xAST evaluation benchmark makes security tools no longer a "black box".
aws-dev-sec-ops
Advanced AWS Security Automation Resources: Used by Udemy Course 🎓
Checklists
Red Teaming & Pentesting checklists for various engagements
hapipal-realworld-example-app
Exemplary real world application built with hapi pal
ikos-docker
ikos-docker
java-sec-code
Java web common vulnerabilities and security code which is base on springboot and spring security
juice-shop
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
katacoda-scenarios
Katacoda Scenarios
moleculer-node-realworld-example-app
Exemplary real world application built with Moleculer
OSCP-Exam-Report-Template
Modified template for the OSCP Exam and Labs. Used during my passing attempt
Penetration-Testing-Grimoire
Custom Tools and Notes from my own Penetration Testing Experience
security-study-plan
Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...
sonar-cnes-report
Generates analysis reports from SonarQube web API.
spincast-realworld
Realworld.io backend implementation using Spincast Framework
threat-modeling-training
Segment's Threat Modeling training for our engineers
uWebSockets
Tiny WebSockets
vulnerable-java-application
This repository contains a sample Java application vulnerable to command injection and server-side request forgery (SSRF).