ahmedtorgoman Goto Github PK

adapt

ADAPT is a tool that performs automated Penetration Testing for WebApps.

astra

Automated Security Testing For REST API's

awesome-python

A curated list of awesome Python frameworks, libraries, software and resources

awesome-test-automation

A curated list of awesome test automation frameworks, tools, libraries, and software for different programming languages. Sponsored by http://sdclabs.com

brakeman

A static analysis security vulnerability scanner for Ruby on Rails applications

burpa

Burp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).

django

The Web framework for perfectionists with deadlines.

docker-vulnerable-dvwa

Damn Vulnerable Web Application Docker container

dvwa

Damn Vulnerable Web Application (DVWA)

dynamicanalysistools

Contains code examples and test cases discussed in the paper: Evaluation of Dynamic Analysis Tools for Software Security, submitted to a journal and currently under review.

elearning

eLearning is scalable web application written in python (django)

github-slideshow

A robot powered training repository :robot:

hackipy

Hacking, pen-testing, and cyber-security related tools built with Python.

kautilya

Kautilya - Tool for easy use of Human Interface Devices for offensive security and penetration testing.

ma-progect

mittn

Mittn: Security test tool runner for test automation in CI

monkey

Infection Monkey - An automated pentest tool

mooc-software-testing

mutillidae

OWASP Mutillidae II is a free, open source, deliberately vulnerable web-application providing a target for web-security enthusiast. Mutillidae can be installed on Linux and Windows using LAMP, WAMP, and XAMMP. It is pre-installed on SamuraiWTF and OWASP BWA. The existing version can be updated on these platforms. With dozens of vulnerabilities and hints to help the user; this is an easy-to-use web hacking environment designed for labs, security enthusiast, classrooms, CTF, and vulnerability assessment tool targets. Mutillidae has been used in graduate security courses, corporate web sec training courses, and as an "assess the assessor" target for vulnerability assessment software.

mvn.zap.api

OWAP Zed Attack Proxy (ZAP) API implemented using Maven

nogotofail

An on-path blackbox network traffic security testing tool

payloadsallthethings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

penetration-testing-tools

A collection of more than a 140+ tools, scripts, cheatsheets and other loots that I have developed over years for Penetration Testing and IT Security audits purposes. Most of them came handy at least once during my real-world engagements.

pythondjango

Learn python and framework django

pythondjango-1

This project has been created to learn the basics of the pythons's django framework.

samm

Tradução OWASP SAMM para o Português-BR

secureprogramming

Major software based security problems, static analysis tools, design techniques for limiting security bugs and enabling security checks. Design, develop, and test a program with security

software-testing

Virtual Reality is an experimental and innovative framework containing advanced tools and options for creating virtual world applications. Virtual Reality is not a virtual world, nor a stand-alone application, it is a scalable and customizable platform containing some basic modules and based on some fundamental innovative pillars (peer-to-peer architecture, secure communication infrastructure, leg al framework, powerful scripting language); additional modules can be built on top of it on demand. The core of Virtual Reality is the innovative Virtual Reality Engine based on a hybrid peer-to-peer infrastructure that allows the sharing of computational load in experiencing the virtual environment obtaining infrastructural resource optimization and bandwidth reduction. It enhances the platform in terms of robustness, availability, scalability, load balancing. From an higher level point of view, Virtual Reality is provided with a Legal Framework that allows to conclude deals and to carry out transaction directly in-world. To obtain this aim, Virtual Reality is integrated with a secure communication infrastructure based on a strong identity system that bounds the avatar to the real identity of the person behind, that is responsible of his actions as in real life. In case of infringement of the contract terms, an in-world dispute resolution is implemented within the platform The design of such system carefully mimics the Model Agreement provided by The International Mediation Institute, www.IMImediation.org . The main Science & Technology objectives of the project were: to create a scalable, reliable p2p architecture for a 3d environment: two innovative custom libraries have been developed, namely vrnet and vrengine that allow the creation of a coherent world on top of a overlay network leveraging on a newly introduced authority mechanism; to create a secure and trusted infrastructure and a certified authentication system: it allows end-to-end security in communications between either users or participating virtual nodes; this layer is built upon PKI and stresses the role of mutually entrusted communication streams as well as digital signature of documents and proof of identity; to implement a virtual law system: leveraging the platform built-in strong identity, users are allowed to carry out transactions directly in-world (contracts and online dispute resolution system) and to participate to its ruling via customizable Constitution and Law System; to create a powerful scripting engine, allowing the users to interact with the virtual world. Scripting has been targeted toward programmers, privileging power over ease-of-use; This innovative approach has received some encouraging feedbacks from private universities and training companies, so that a specific applicative scenario has been customized for educational purposes (Virtual Campus). The Virtual Campus scenario takes also advantage from the interactivity enabled by the Virtual Reality scripting engine. From the legal side, some Contracts template specifically targeted to the relationships existing among private universities, teachers and students, cover the main use cases. Moreover, after a careful examination of potential business applications, thanks to the powerful scripting engine has been possible to obtain a specific applicative scenario (industrial scenario) aimed, for example, to provide a testing platform for streetcars/railway designers/manufacturers. The project has devoted great attention also on dissemination and exploitation activities; more than thirty publications have been written and more than one hundred fifty potential stakeholders have been contacted in order to build a business relationship. Platform Validation has demonstrated that Virtual Reality offers the architectural support for adoption of the platform, whether in autonomous or assisted usage, in educational and industrial application domains (i.e. Virtual Campus and Street-cars). The validation highlighted some improvements area, in particular with respect to the usability and 3D interaction mode. Notwithstanding this finding, the users in both the domains were able to perform the planned scenarios and the validation exercises. Virtual Reality demonstrates to be fully compliant with the requirements provided by the pool of involved users. As for Virtual Campus the platform proved to enhance teachers and students to carry out their duties. In particular the possibility to visualize complex objects, as well as their exploration, and the persistence of the virtual world, were assessed as valuable features to support the educational scenarios. The experimental results demonstrated that P2P framework effectively balances richness, responsiveness, robustness to provide an enhanced user experience to what is possible on traditional client/server architectures on regular Internet connections. In addition, our P2P framework reduces the requirements of bandwidth and CPU power on the service provider of a Virtual Reality-based virtual world service, and hence reduces the total cost of ownership

system-design-primer

Learn how to design large-scale systems. Prep for the system design interview. Includes Anki flashcards.

testing-project