webappsec

Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer

xss vulnerability infosec application-security interview-questions appsec webappsec sdlc websecurity devsecops security-engineering websec websecurity-reference security-team security-engineer-interview

Updated Aug 7, 2020

softrams / bulwark

Star

An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.

nodejs angular express typescript application-security pentesting typeorm bugbounty appsec vulnerability-management vulnerability-assessment red-team webappsec security-tools vulnerability-report blue-team vulnerability-research security-tool penetration-testing-tools

Updated Aug 1, 2021
TypeScript

thomaspatzke / WASE

Star

The Web Audit Search Engine - Index and Search HTTP Requests and Responses in Web Application Audits with ElasticSearch

elasticsearch blog-article pentesting burp burp-plugin webappsec

Updated Oct 27, 2020
Python

VainlyStrain / Vaile

Star

Metasploit-like pentest framework derived from TIDoS (https://github.com/0xInfection/TIDoS-Framework)

osint scanner python3 enumeration pentesting scanning exploitation exploitation-framework vulnerability-scanners webappsec web-pentest web-application-security reconnaissance pentest-tool vulnerability-analysis penetration-testing-framework information-disclosure tidos-framework

Updated Dec 16, 2020
Python

ekoparty / ekolabs

Star

EKOLABS esta dedicada para investigadores independientes y para la comunidad del Software Libre. Vamos a proveer de stands completos con monitor, alimentacion de energia y acceso a internet por cable, y vos vas a traer tu maquina para mostrar tu trabajo y responder preguntas de los participantes de Ekoparty Security Conference

networking pentesting security-vulnerability scanning webapps webappsec security-tools

Updated Mar 20, 2020

Dhamuharker / Xss-

Star

Awesome XSS Payloads

xss webappsec security-tools

Updated Feb 24, 2016

snsttr / diwa

Star

A Deliberately Insecure Web Application

training docker php education security practice webserver hacking xss brute-force-attacks learn sql-injection csrf infosec web-security choice webappsec security-threats owasp-top-10 session-fixation sensitive-data-exposure session-hijacking local-file-inclusion path-traversal

Updated Jan 9, 2020
PHP

OWASP / www-project-vulnerable-web-applications-directory

Star

The OWASP Vulnerable Web Applications Directory (VWAD) Project - OWASP Web Site

owasp appsec webappsec vulnerable-web-app vulnerable-web-application vulnerable-applications

Updated Jul 18, 2021
HTML

ScriptKKiddie / WebAppSec-Testing

Star

ScriptKKiddie's WebAppSec Testing or Web Application Security Testing based on OWASP is a repository that contains useful resources, & stuffs helpful for Web Application Penetration Testing. By @ScriptKKiddie