The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
- Updated
Nov 19, 2025 - Python
#
application-security
Here are 69 public repositories matching this topic...
Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests
- Updated
Jul 3, 2025 - Python
Mantis is a security framework that automates the workflow of discovery, reconnaissance, and vulnerability scanning.
osint application-security pentesting recon bugbounty hacktoberfest security-tools product-security attack-surface-management caasm
- Updated
Mar 21, 2025 - Python
Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records.
python security phishing python3 emails cybersecurity penetration-testing spf infosec application-security pentesting appsec dmarc deliverability email-security redteam penetration-testing-tools
- Updated
Sep 20, 2025 - Python
A deliberately vulnerable banking application designed for practicing Security Testing of Web App, APIs, AI integrated App and secure code reviews. Features common vulnerabilities found in real-world applications, making it an ideal platform for security professionals, developers, and enthusiasts to learn pentesting and secure coding practices.
- Updated
Oct 13, 2025 - Python
Watchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.
security application-security security-vulnerability bugbounty vulnerability-management vulnerability-assessment network-security security-tools pentest-tool security-testing penetration-testing-framework cve-search cve-databases product-security
- Updated
Jul 18, 2018 - Python
A Burp Suite extension for identifying injection flaws (LFI, RCE, SQLi), authentication/authorization issues, and HTTP 403 access violations. It supports dynamic payload generation, including BCheck syntax, and can automatically generate Bambdas scripts. Additionally, it offers "Copy as JavaScript" to convert HTTP requests for enhanced XSS testing.
hacking cybersecurity penetration-testing application-security pentesting appsec hacking-tool burpsuite offsec burp-extensions offensivesecurity
- Updated
Nov 19, 2025 - Python
Fast Advanced Spam Analysis Tool
python docker security ansible ansible-playbook docker-image smtp outlook application-security mail-analyzer spam-analyzer streamparse apache-storm dialect spamscope
- Updated
Aug 6, 2025 - Python
A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestration
- Updated
Oct 2, 2025 - Python
Web Application Security Testing Tools
- Updated
Mar 13, 2024 - Python
Burp Suite extension for bypassing client-side encryption for pentesting and bug bounty
python security encryption cybersecurity penetration-testing bug-bounty infosec application-security pentesting bugbounty burp-plugin burpsuite burp-extensions burpsuite-extender
- Updated
Nov 21, 2025 - Python
MCP server for JADX-AI Plugin
python ai mcp reverse-engineering application-security mobile-security android-reverse-engineering android-hacking vapt llm model-context-protocol mcp-servers mcp-server model-context-protocol-server
- Updated
Nov 21, 2025 - Python
This repository contains cheatsheets and payloads compiled from completing the labs at PortSwigger Academy.
- Updated
Dec 29, 2024 - Python
Detects the algorithm of input JWT Token and provide options to generate the new JWT token based on the user selected algorithm.
python automation jwt authentication authorization jwt-tokens application-security pentesting bugbounty appsec vulnerability-assessment jwt-algorithm security-enthusiasts jwt-algorithm-confusion-attack
- Updated
Jun 17, 2025 - Python
Tool for breaking into web applications.
- Updated
Aug 16, 2019 - Python
SQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing
windows active-directory penetration-testing sql-injection mssql application-security burp-plugin burp-extensions user-enumeration
- Updated
May 10, 2020 - Python
Identifying Open-Source License Violation and 1-day Security Risk at Large Scale
- Updated
Jan 23, 2018 - Python
Vimana is a modular security framework for auditing Python APIs and Web applications. The plugin-based architecture enables security professionals to assess, fuzz, and analyze Python projects through automated and manual techniques.
experimental django-application hacking django-templates secops application-security flask-security information-security hacking-tool python-security django-template-language devsecops security-framework hacking-framework python3-application hackingtools django-security
- Updated
Nov 9, 2025 - Python
A small tool to help developers understand a huge set of security requirements from appsec teams
- Updated
Sep 2, 2022 - Python
A security tool designed to perform thorough scans on a target using OpenVAS, Zap, and Nexpose. It seamlessly consolidates and integrates the scan results, providing a comprehensive overview of the security vulnerabilities identified.
cli security-audit zap owasp application-security security-vulnerability openvas owasp-zap security-scanner nexpose security-tools web-application-security security-testing owasp-top openvas-cli openvas-reports
- Updated
Oct 1, 2025 - Python
Improve this page
Add a description, image, and links to the application-security topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the application-security topic, visit your repo's landing page and select "manage topics."