webappsec

Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer

xss vulnerability infosec application-security interview-questions appsec webappsec sdlc websecurity devsecops security-engineering websec websecurity-reference security-team security-engineer-interview

Updated Aug 7, 2020

softrams / bulwark

Star

An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.

nodejs angular express typescript application-security pentesting typeorm bugbounty appsec vulnerability-management vulnerability-assessment red-team webappsec security-tools vulnerability-report blue-team vulnerability-research security-tool penetration-testing-tools

Updated Nov 1, 2024
TypeScript

OWASP / www-project-code-review-guide

Sponsor

Star

OWASP Code Review Guide Web Repository

guide owasp codereview appsec webappsec webappsecurity

Updated Jun 22, 2022
HTML

thomaspatzke / WASE

Sponsor

Star

The Web Audit Search Engine - Index and Search HTTP Requests and Responses in Web Application Audits with ElasticSearch

elasticsearch pentesting burp burp-plugin webappsec

Updated Oct 27, 2020
Python

Dhamuharker / Xss-

Star

Awesome XSS Payloads

xss webappsec security-tools

Updated Feb 24, 2016

snsttr / diwa

Star

A Deliberately Insecure Web Application

Updated Jan 9, 2020
PHP

VainlyStrain / Vaile

Star

Metasploit-like pentest framework derived from TIDoS (https://github.com/0xInfection/TIDoS-Framework)

osint scanner python3 enumeration pentesting scanning exploitation exploitation-framework vulnerability-scanners webappsec web-pentest web-application-security reconnaissance pentest-tool vulnerability-analysis penetration-testing-framework information-disclosure tidos-framework

Updated Dec 16, 2020
Python

ekoparty / ekolabs

Star

EKOLABS esta dedicada para investigadores independientes y para la comunidad del Software Libre. Vamos a proveer de stands completos con monitor, alimentacion de energia y acceso a internet por cable, y vos vas a traer tu maquina para mostrar tu trabajo y responder preguntas de los participantes de Ekoparty Security Conference

networking pentesting security-vulnerability scanning webapps webappsec security-tools

Updated Aug 31, 2022

OWASP / www-project-vulnerable-web-applications-directory

Sponsor

Star

The OWASP Vulnerable Web Applications Directory Project (VWAD) is a comprehensive and well maintained registry of all known vulnerable web applications currently available.

owasp appsec webappsec vulnerable-web-app vulnerable-web-application vulnerable-applications

Updated Oct 29, 2024
HTML

scriptkkiddie / WebAppSec-Testing

Sponsor

Star

ScriptKKiddie's WebAppSec Testing or Web Application Security Testing based on OWASP is a repository that contains useful resources, & stuffs helpful for Web Application Penetration Testing. By @scriptkkiddie