The ZAP by Checkmarx Core project
-
Updated
Aug 15, 2025 - Java
#
appsec
Here are 35 public repositories matching this topic...
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
security owasp bom vulnerabilities appsec component-analysis nvd vulnerability-detection hacktoberfest sca software-security security-automation devsecops software-composition-analysis bill-of-materials ossindex purl package-url sbom cyclonedx
-
Updated
Aug 14, 2025 - Java
TCP/UDP Non-HTTP Proxy Extension (NoPE) for Burp Suite.
protobuf tcp proxy udp websockets hacking pentesting tcpproxy appsec mitmproxy burp-plugin burpsuite burp-extensions burpsuite-extender appsecurity updproxy
-
Updated
May 25, 2024 - Java
Oversecured Vulnerable Android App
-
Updated
Jul 18, 2024 - Java
Integrates Dependency-Check reports into SonarQube
security sonarqube owasp visibility vulnerabilities appsec component-analysis nvd sonar-plugin software-security vulnerable-components
-
Updated
Aug 15, 2025 - Java
SecHub provides a central API to test software with different security tools.
api client security build rest server continuous-integration orchestration k8s appsec vulnerability-scanners security-scanner secdevops sdlc security-automation security-tools security-testing sast dast sechub
-
Updated
Aug 15, 2025 - Java
OWASP VulnerableApp Project: For Security Enthusiasts by Security Enthusiasts.
javascript css java spring-boot owasp vulnerability appsec hacktoberfest owasp-zap burpsuite vulnerable-application vulnerability-scanning payload-testing learn-security test-vulnerability-scanning-tools practice-hacking
-
Updated
Jul 16, 2025 - Java
Java web and command line applications demonstrating various security topics
java security csp cryptography spring spring-boot xss owasp spring-security csrf appsec java-web esapi java-security google-tink security-topics
-
Updated
Jul 25, 2025 - Java
A simple Java command-line utility to mirror the CVE JSON data from NIST.
-
Updated
Nov 4, 2022 - Java
This repo contains the code for my secure code review challenges
-
Updated
Aug 1, 2025 - Java
Jenkins plugin for OWASP Dependency-Check. Inspects project components for known vulnerabilities (e.g. CVEs).
security devops owasp jenkins-plugin visibility vulnerabilities appsec component-analysis nvd software-security owasp-dependencycheck
-
Updated
Aug 1, 2025 - Java
Vulnerable Client-Server Application (VuCSA) is made for learning how to perform penetration tests of non-http thick clients. It is written in Java (with JavaFX graphical user interface) and contains multiple challenges including SQL injection, RCE, XML vulnerabilities and more.
java security hacking challenges penetration-testing rce sql-injection vulnerability application-security ctf capture-the-flag client-server vulnerable appsec vulnerable-application ctf-challenges remote-code-execution vulnapp vulnerable-app thick-client
-
Updated
Sep 9, 2023 - Java
A Java library for parsing and programmatically using threat models
-
Updated
Feb 15, 2023 - Java
This extension adds a search bar to the Repeater tab that can be used to highlight all repeater tabs where the request and/or response matches a query via simple text matching or Regex.
-
Updated
Oct 20, 2023 - Java
Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. Sugar-Free and Secure: no any external dependencies except for chart plotting are used
threat application-security threat-modeling appsec threat-model secure-development devsecops threat-modeling-tool threat-models threat-modeling-from-code
-
Updated
Jun 25, 2025 - Java
Ziti SDK for JVM
kotlin java security sdk netsec appsec zero-trust zerotrust zero-trust-network zero-trust-network-access ztna zero-trust-security openziti
-
Updated
Aug 11, 2025 - Java
Main repository for the official Dependency-Track Jenkins plugin
jenkins security builder owasp jenkins-plugin bom report appsec component-analysis jenkins-pipeline sbom
-
Updated
Aug 15, 2025 - Java
A simple Java command-line utility to mirror the entire contents of VulnDB.
-
Updated
Jul 15, 2025 - Java
Vendor-Neutral Security Tool Automation Controller (over REST)
security devops automation rest zap dynamic-analysis burp appspider nessus appsec software-security threadfix webinspect
-
Updated
Jun 28, 2019 - Java
Improve this page
Add a description, image, and links to the appsec topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the appsec topic, visit your repo's landing page and select "manage topics."