tjarrettveracode Goto Github PK

.github

Organization template repository

awesome-sca

A comprehensive list of software composition analysis tools.

azure-docs

Open source documentation of Microsoft Azure

benchmark

OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web app written in Java, it supports analysis by Static (SAST), Dynamic (DAST), and Runtime (IAST) tools that support Java. The idea is that since it is fully runnable and all the vulnerabilities are actually exploitable, it’s a fair test for any kind of vulnerability detection tool. For more details on this project, please see the OWASP Benchmark Project home page.

bodgeit

The BodgeIt Store is a vulnerable web application which is currently aimed at people who are new to pen testing.

bulkupload

bunny

A template like JSP&GSP

cfngoat

Cfngoat is Bridgecrew's "Vulnerable by Design" Cloudformation repository. Cfngoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.

click2cat

Chrome extension for Click2Cat

cloudgoat

CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool

cyberfrat-devsecops-training-sample-flask-app

This is a sample Flaskr application created to deliver hands-on exercises in the DevSecOps Training at CyberFRAT

dsvw

Damn Small Vulnerable Web

dvna

Damn Vulnerable Node Application

dvpwa

Damn Vulnerable Python Web App

dvws-node

Damn Vulnerable Web Service is a vulnerable web service/API/application that can be used to learn webservices/API vulnerabilities.

easybuggy

Too buggy web application

electionguard-python

This repository is a "reference implementation" of ElectionGuard written in Python. This implementation can be used to conduct End-to-End Verifiable Elections as well as privacy-enhanced risk-limiting audits.

example-sbom

file-upload-lab

Damn Vulnerable File Upload V 1.1

fprime

F' - A flight software and embedded systems framework

grails-javamelody-sample-app

Grails sample application using the Javamelody 1.44 plugin to illustrate the CVE-2013-4378 vulnerability.

juice-shop

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

keep-a-changelog

If you build software, keep a changelog.

nodegoat

The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.

nosql-injection-vulnapp

NIVA is a simple web application which is intentionally vulnerable to NoSQL injection. The purpose of this project is to facilitate a better understanding of the NoSQL injection vulnerability among a wide audience of software engineers, security engineers, pentesters, and trainers.

play-webgoat

A vulnerable Play application for attackers.

privatebin

A minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted in the browser using 256 bits AES.

pygoat

intentionally vuln web Application Security in django

railsgoat

A vulnerable version of Rails that follows the OWASP Top 10

securityshepherd

Web and mobile application security training platform