Security has two difficult tasks: designing smart ways of getting new information, and keeping track of findings to improve remediation …

Vulnerable client-server application (VuCSA) is made for learning/presenting how to perform penetration tests of non-HTTP thick clients. It is written …
Deliberately vulnerable CI/CD environment. Hack CI/CD pipelines, capture the flags. Created by Cider Security. Description: The CI/CD Goat project allows …
njsscan is a static application testing (SAST) tool that can find insecure code patterns in your node.js applications using simple …
Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx. …
The HUD is a new interface that provides the functionality of ZAP directly in the browser. Learn more: Using the HUD …
Git All the Payloads! A collection of web attack payloads. Pull requests are welcome! Usage: run ./get.sh to download external payloads …