Automated Security Testing For REST API's
-
Updated
Jun 5, 2024 - Python
Automated Security Testing For REST API's
An open source threat modeling tool from OWASP
Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer
BI, API and Automation layer for your Engineering Operations data
A DevOps framework for the SDLC with the power of Nix and Flakes. Good for keeping deadlines!
Collection of articles, books, and recommendations for senior-level interviews and assessments
SecHub provides a central API to test software with different security tools.
Corsair_scan is a security tool to test Cross-Origin Resource Sharing (CORS).
sdlc 是一个基于 Go 语言构建的安全漏洞示范平台,旨在促进 DevSecOps 和安全开发生命周期 (SDLC) 实践。它通过模拟常见漏洞来增强开发人员的安全意识,除了可以用于devsecops以外,还可以用于安全行业从事者学习漏洞知识或者渗透知识,代码审计,提供了一个实践和学习的环境。本项目采用了前后端分离的设计模式,其中后端利用了轻量级框架 Gin,而前端则使用了 Vue 3。
Airbyte connectors (sources & destinations) + Airbyte CDK for JavaScript/TypeScript
sdlc_python 是一个基于python语言构建的devsecops平台,旨在促进 DevSecOps 和安全开发生命周期 (SDLC) 实践。它通过模拟常见漏洞来增强开发人员的安全意识(对应sdlc中对开发人员的安全培训),并且使用了大模型进行代码安全审计(对应sdlc中代码审计阶段),帮助企业进行安全左移。除了用于 DevSecOps 实践外,sdlc_python 还可以用于学习漏洞知识、渗透测试和代码审计。本项目采用了前后端分离的设计模式,其中后端利用了轻量级框架 Flask,而前端则使用了 Vue 3。
Dependency Combobulator
Toolmaker is a lightweight software development life cycle management platform
Desktop variant of OWASP Threat Dragon
The security workflow engine!
♾️ Collection of DevSecOps Notes + Resources + Courses + Tools
Secure SDLC process template
OWASP Ontology-driven Threat Modelling framework
tools for CI fuzzing automation
Guide, Roadmap and List of resources for a Software Tester/Quality Assurance/Test Automation Engineer
Add a description, image, and links to the sdlc topic page so that developers can more easily learn about it.
To associate your repository with the sdlc topic, visit your repo's landing page and select "manage topics."