Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...
-
Updated
Oct 30, 2024
Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...
vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.
Java Agent is a Java application probe of DongTai IAST, which collects method invocation data during runtime of Java application by dynamic hooks.
Some good resources for getting started with application security
This repository has been merged into https://github.com/HXSecurity/DongTai. DongTai-engine used to analyze the method data collected by the probe, analyze whether there are vulnerabilities in API requests through the algorithm of taint tracking, and is also responsible for timing tasks, including: expired log cleaning, probe state maintenance, …
Contrast Security Instrumentation for Dockerized Webgoat, with lab instructions.
Vulnerable code snippets with fixes for Web2, Web3, API, iOS, Android and Infrastructure-as-Code (IaC)
Application with SQL Injection vulnerability and possible privilege escalation. Free vulnerable app for ethical hacking / penetration testing training.
Dongtai-plugin-idea is an IDEA plug-in developed by DongTai team for Java Web application developers. This plug-in provides functions such as vulnerability detection and code audit during application development, enabling developers to find application vulnerabilities more intuitively, quickly and in real time during application development.
Additional Resources For Securing The Stack Tutorials
Interactive IPython Notebook to demonstrate OWASP ZAP's API and Scripting Functions - OWASP ZAP 2.8.0
AppsecStudy - open-source elearning management system for information security
A playful introduction to web application vulnerabilities in the OWASP Top 10 while relying only on developer tools offered by modern web browsers.
Our documentation
The Good Parts of Application Security: learn how to build and test secure webapps
Add a description, image, and links to the appsec-tutorials topic page so that developers can more easily learn about it.
To associate your repository with the appsec-tutorials topic, visit your repo's landing page and select "manage topics."