appsec-tutorials topic
DongTai-agent-java
Java Agent is a Java application probe of DongTai IAST, which collects method invocation data during runtime of Java application by dynamic hooks.
security-study-plan
Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...
vapi
vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.
Resources-for-Application-Security
Some good resources for getting started with application security
DongTai-engine
This repository has been merged into https://github.com/HXSecurity/DongTai. DongTai-engine used to analyze the method data collected by the probe, analyze whether there are vulnerabilities in API req...
DongTai-Plugin-IDEA
Dongtai-plugin-idea is an IDEA plug-in developed by DongTai team for Java Web application developers. This plug-in provides functions such as vulnerability detection and code audit during application...
ZAP-Mini-Workshop
Interactive IPython Notebook to demonstrate OWASP ZAP's API and Scripting Functions - OWASP ZAP 2.8.0
sqli-postgres-rce-privesc-hacking-playground
Application with SQL Injection vulnerability and possible privilege escalation. Free vulnerable app for ethical hacking / penetration testing training.
tutorials
Additional Resources For Securing The Stack Tutorials
VulnPlanet
Vulnerable code snippets with fixes for Web2, Web3, API, iOS, Android and Infrastructure-as-Code (IaC)