The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
-
Updated
May 19, 2026 - Python
#
application-security
Here are 107 public repositories matching this topic...
Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests
-
Updated
Mar 21, 2026 - Python
Mantis is a security framework that automates the workflow of discovery, reconnaissance, and vulnerability scanning.
osint application-security pentesting recon bugbounty hacktoberfest security-tools product-security attack-surface-management caasm
-
Updated
Mar 21, 2025 - Python
Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records.
python security phishing python3 emails cybersecurity penetration-testing spf infosec application-security pentesting appsec dmarc deliverability email-security redteam penetration-testing-tools
-
Updated
Dec 8, 2025 - Python
MCP server for JADX-AI Plugin
python ai mcp reverse-engineering application-security mobile-security android-reverse-engineering android-hacking vapt llm model-context-protocol mcp-servers mcp-server model-context-protocol-server
-
Updated
Apr 20, 2026 - Python
Watchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.
security application-security security-vulnerability bugbounty vulnerability-management vulnerability-assessment network-security security-tools pentest-tool security-testing penetration-testing-framework cve-search cve-databases product-security
-
Updated
Jul 18, 2018 - Python
A Burp Suite extension for identifying injection flaws (LFI, RCE, SQLi), authentication/authorization issues, and HTTP 403 access violations. It supports dynamic payload generation, including BCheck syntax, and can automatically generate Bambdas scripts. Additionally, it offers "Copy as JavaScript" to convert HTTP requests for enhanced XSS testing.
hacking cybersecurity penetration-testing application-security pentesting appsec hacking-tool burpsuite offsec burp-extensions offensivesecurity
-
Updated
May 22, 2026 - Python
Fast Advanced Spam Analysis Tool
python docker security ansible ansible-playbook docker-image smtp outlook application-security mail-analyzer spam-analyzer streamparse apache-storm dialect spamscope
-
Updated
Aug 6, 2025 - Python
A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestration
-
Updated
Feb 17, 2026 - Python
Web Application Security Testing Tools
-
Updated
Mar 13, 2024 - Python
A Claude Code skill bundle for bug hunting and external red-team work - 51 skills, 15 slash commands, 574+ disclosed-report patterns curated across 24 vulnerability classes, plus enterprise identity + infrastructure attack matrices.
bug-bounty application-security web-security pentesting bugbounty offensive-security ethical-hacking red-team bugcrowd hackerone security-tools claude ai-security anthropic claude-code claude-skills
-
Updated
May 21, 2026 - Python
This repository contains cheatsheets and payloads compiled from completing the labs at PortSwigger Academy.
-
Updated
Dec 29, 2024 - Python
Open-source cybersecurity analysis agent for Claude Code. Scans projects for vulnerabilities across all OWASP 2025 Top 10 and CWE Top 25 categories. 11 security domains, 60+ secret patterns, parallel subagent analysis, professional report generation. Built by tododeia.com
open-source security security-audit owasp cybersecurity application-security cwe devsecops vulnerability-scanner sast supply-chain-security ai-agent secret-detection claude-code claude-code-skill
-
Updated
Apr 12, 2026 - Python
Detects the algorithm of input JWT Token and provide options to generate the new JWT token based on the user selected algorithm.
python automation jwt authentication authorization jwt-tokens application-security pentesting bugbounty appsec vulnerability-assessment jwt-algorithm security-enthusiasts jwt-algorithm-confusion-attack
-
Updated
Jun 17, 2025 - Python
Tool for breaking into web applications.
-
Updated
Aug 16, 2019 - Python
SQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing
windows active-directory penetration-testing sql-injection mssql application-security burp-plugin burp-extensions user-enumeration
-
Updated
May 10, 2020 - Python
AI-native security auditor on AgentField that proves exploitability with verdicts, traces, and actionable evidence.
python open-source security developer-tools application-security cwe autonomous-agents sarif devsecops ai-agents vulnerability-scanner graphql-security sast ai-security llm agentic-ai agentfield
-
Updated
Apr 6, 2026 - Python
Identifying Open-Source License Violation and 1-day Security Risk at Large Scale
-
Updated
Jan 23, 2018 - Python
Vimana is a modular security framework for auditing Python APIs and Web applications. The plugin-based architecture enables security professionals to assess, fuzz, and analyze Python projects through automated and manual techniques.
experimental django-application hacking django-templates secops application-security flask-security information-security hacking-tool python-security django-template-language devsecops security-framework hacking-framework python3-application hackingtools django-security
-
Updated
Jan 14, 2026 - Python
A small tool to help developers understand a huge set of security requirements from appsec teams
-
Updated
Sep 2, 2022 - Python
Improve this page
Add a description, image, and links to the application-security topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the application-security topic, visit your repo's landing page and select "manage topics."