The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
-
Updated
Jan 8, 2026 - Python
#
appsec
Here are 139 public repositories matching this topic...
Web path scanner
python security scanner hacking wordlist enumeration penetration-testing bug-bounty fuzzing infosec pentesting bugbounty fuzzer brute appsec hacking-tool dirsearch pentest-tool redteam red-teaming
-
Updated
Dec 26, 2025 - Python
Open Source Vulnerability Management Platform
security devops security-audit collaboration orchestration cybersecurity nmap penetration-testing vulnerability infosec pentesting cve nessus appsec vulnerability-management vulnerability-scanners burpsuite security-automation devsecops continuous-scanning
-
Updated
Dec 11, 2025 - Python
w3af: web application attack and audit framework, the open source web vulnerability scanner.
-
Updated
Feb 22, 2023 - Python
CTF challenge (mostly pwn) files, scripts etc
exploit hacking cybersecurity infosec pwn pentesting ctf capture-the-flag binary-exploitation ctftime appsec offsec
-
Updated
Jan 2, 2026 - Python
OWASP Top 10 for Large Language Model Apps (Part of the GenAI Security Project)
-
Updated
Jan 7, 2026 - Python
Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependencies. CI and Git friendly.
-
Updated
Sep 1, 2023 - Python
A library for detecting known secrets across many web frameworks
python rails flask security jwt django cryptography symfony secrets peoplesoft asp-net express-js appsec javaserver-faces telerik-ui
-
Updated
Jan 9, 2026 - Python
Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records.
python security phishing python3 emails cybersecurity penetration-testing spf infosec application-security pentesting appsec dmarc deliverability email-security redteam penetration-testing-tools
-
Updated
Dec 8, 2025 - Python
mobsfscan is a static analysis tool that can find insecure code patterns in your Android and iOS source code. Supports Java, Kotlin, Swift, and Objective C Code. mobsfscan uses MobSF static analysis rules and is powered by semgrep and libsast pattern matcher.
android kotlin java swift security ios objective-c static-analysis codereview appsec sast mobile-sast
-
Updated
Jan 31, 2025 - Python
AI-powered workflow automation and AI Agents platform for AppSec, Fuzzing & Offensive Security. Automate vulnerability discovery with intelligent fuzzing, AI-driven analysis, and a marketplace of security tools.
agent security workflow automation ai fuzzing vulnerabilities appsec offensive-security workflow-automation security-tools devsecops sast dast
-
Updated
Nov 16, 2025 - Python
Open Source Static Scanning tool to detect data flows in your code, find data security vulnerabilities & generate accurate Play Store Data Safety Report.
static-analysis compliance appsec hacktoberfest privacy-policy gdpr devsecops privacy-by-design gdpr-compliant android-privacy-tools privacy-engineering privacy-labels devprivops play-store-data-safety
-
Updated
Nov 10, 2025 - Python
This project is about creating and publishing threat model examples.
-
Updated
Nov 10, 2021 - Python
Version 0.2 - Exploit Time-based blind-SQL injection in HTTP-Headers (MySQL/MariaDB).
sql sql-injection exploitation appsec blind-sql-injection sql-payloads database-security blisqy john-ombagi
-
Updated
Mar 24, 2019 - Python
A Burp Suite extension for identifying injection flaws (LFI, RCE, SQLi), authentication/authorization issues, and HTTP 403 access violations. It supports dynamic payload generation, including BCheck syntax, and can automatically generate Bambdas scripts. Additionally, it offers "Copy as JavaScript" to convert HTTP requests for enhanced XSS testing.
hacking cybersecurity penetration-testing application-security pentesting appsec hacking-tool burpsuite offsec burp-extensions offensivesecurity
-
Updated
Dec 2, 2025 - Python
Python Interactive Deepweb-oriented Rapid Intelligent Link Analyzer
python security scanner hacking penetration-testing bug-bounty pentesting pentest appsec dirbuster netstalking scanner-web
-
Updated
Nov 8, 2020 - Python
Threat Designer is a GenerativeAI application designed to automate and streamline the threat modeling process for secure system design.
cybersecurity threat-modeling appsec devsecops threat-modeling-tool threatmodeling threatmodelling generativeai agentic-ai
-
Updated
Jan 9, 2026 - Python
Improve this page
Add a description, image, and links to the appsec topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the appsec topic, visit your repo's landing page and select "manage topics."