🏴☠️ BST is an ever-evolving collection of 🛠 tools to help in security and administration tasks 😉
-
Updated
Aug 30, 2024 - Shell
🏴☠️ BST is an ever-evolving collection of 🛠 tools to help in security and administration tasks 😉
pre-commit hooks to run snyk
pre-commit hooks to run grype
Templates to integrate Fortify application security testing with Amazon Web Services (AWS), Azure, Google Cloud Platform (GCP) and Oracle Cloud Infrastructure (OCI)
Deploy a Private Burp Collaborator server with a wildcard Let's Encrypt SSL certificate including automatic renewal for advanced penetration testing. Includes scripts and guides for a seamless cloud deployment process.
Git All the Payloads! A collection of web attack payloads.
This repo holds the SAST-SCANNER Dockerfile used in Command Center Scanner.
All Labs of the Security for Developers Training
Cross-Site Scripting (XSS) is one of the most well known web application vulnerabilities. It even has a dedicated chapter in the OWASP Top 10 project and it is a highly chased vulnerability in bug bounty programs. The xss finder gets a link from the user and scan the website for XSS vulnerability by injecting malicious scripts at the input place.
OWASP Juice Shop Laboratory
Deprecated; please use 'fcli tool * install' commands provided by fcli (https://github.com/fortify-ps/fcli) instead
Full Nuclei automation script with logic explanation.
DongTai is an interactive application security testing(IAST) product that supports the detection of OWASP WEB TOP 10 vulnerabilities, multi-request related vulnerabilities (including logic vulnerabilities, unauthorized access vulnerabilities, etc.), third-party component vulnerabilities, etc.
A Github Action to parse DependencyCheck JSON reports, print the found vulnerabilities and fail the build.
Simple script to find secrets inside source code folders
Rule packs for Signal Sciences power rules platform.
Add a description, image, and links to the appsec topic page so that developers can more easily learn about it.
To associate your repository with the appsec topic, visit your repo's landing page and select "manage topics."