This is your work, valued

United Kingdom

Simon Bennetts

Elite
@psiinon

@zaproxy project lead.

open-source-web-scanners. A list of open source web security scanners

1.6k

bodgeit. The BodgeIt Store is a vulnerable web application which is currently aimed at people who are new to pen testing.

286

open-source-llm-scanners.

108

owasp-top-10-top-10s.

37

owasp-projects.

33

zaproxy. The OWASP ZAP core project

7

pwning-juice-shop. GitBook markdown content for the eBook "Pwning OWASP Juice Shop"

2

zap-hud. The OWASP ZAP Heads Up Display (HUD)

2

zaproxy-release. Test mirroe

2

minion-garmr. plugin service, plugin spec, and garmr plugin for minion

2

DevSecOpsGuideline. The OWASP DevSecOps Guideline can help us to embedding security as a part of the development pipeline.

1

skf-www. Public Website of SKF

1

Benchmark. The OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. As it is written in Java, it supports Java Static Analysis Security Testing Tools (SAST). It’s also a fully runnable web application, so it supports Dynamic Analysis Security Testing Tools (DAST), like OWASP ZAP, and Interactive Analysis Security Testing Tools (IAST) that support Java. The idea is that since it is fully runnable and all the vulnerabilities are actually exploitable, it’s a fair test for any kind of vulnerability detection tool. For more details on this project, please see the OWASP Benchmark Project home page.

1

security-crawl-maze. Security Crawl Maze is a comprehensive testbed for web security crawlers. It contains pages representing many ways in which one can link resources from a valid HTML document.

1

blurts-server. Prototyping for upcoming Breach Alerts feature in Firefox

1

addons-server. 🕶 addons.mozilla.org Django app and API 🎉

1

puppet. Server automation framework and application

1

websec-check. repo and tooling for https://wiki.mozilla.org/Security/FirefoxOperations#Security_Checklist

1

contributor_covenant. Pledge your respect and appreciation for contributors of all kinds to your open source project.

1

Hacking-Tools-Repository. A list of security/hacking tools that have been collected from the internet. Suggestions are welcomed.

1

browser-extension-1. A Out of the Box 🎁 Browser Extension Template with support for React, Typescript, Preact

1

zap-plugin. The OWASP ZAP Jenkins Plugin extends the functionality of the ZAP security tool into a CI Environment.

1

foxsec-tools. Tooling to support common tasks, particularly for working with metrics

1

cii-best-practices-badge. Core Infrastructure Initiative Best Practices Badge

1

find-package-rugaru. Tools for finding suspicious werewolf / rugaru / rougarou-like packages

1

packman. A documentation and tracking project with the goal of making package management systems more secure.

1

jnats. A Java client for NATS

1

iprepd. Centralized IP reputation daemon

1

dependency-observatory. Mozilla's Dependency Observatory

1

oss2019. Open Security Summit 2019

1

owasp-swag. Swag for the OWASP projects and chapters

1

bedrock. Making mozilla.org awesome, one pebble at a time

1

zap-auth-dt. ZAP Auth Decision Tree - temp test repo

1

owasp-summit-2017. Content for OWASP Summit 2017 site

1

zap-media-resources.

1

zap-extensions. OWASP ZAP Add-ons

1

Plug-n-Hack. Stuff relating to Plug-n-Hack; documents, browser independent scripts, tests, etc.

1

homebrew-cask. A CLI workflow for the administration of Mac applications distributed as binaries

1