awesome-repositories.com
博客
awesome-repositories.com

通过 AI 驱动的搜索,发现最优秀的开源仓库。

探索精选搜索开源替代品自托管软件博客网站地图
项目关于排名机制媒体报道MCP 服务器
法律隐私政策服务条款
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·

4 个仓库

Awesome GitHub RepositoriesDynamic Application Security Testing

Security analysis performed on a running application to find flaws that only appear during execution.

Distinct from Web Application Penetration Testing: Existing candidates focus on penetration testing or general web security rather than the specific DAST methodology.

Explore 4 awesome GitHub repositories matching security & cryptography · Dynamic Application Security Testing. Refine with filters or upvote what's useful.

Awesome Dynamic Application Security Testing GitHub Repositories

用 AI 发现最棒的仓库。我们将通过 AI 为您搜索最匹配的仓库。
  • zaproxy/zaproxyzaproxy 的头像

    zaproxy/zaproxy

    15,293在 GitHub 上查看↗

    OWASP ZAP is a dynamic application security testing tool and intercepting HTTP proxy used to find vulnerabilities in web applications. It functions as a penetration testing framework that enables both automated security scanning and manual security testing of running web services. The tool provides a suite of capabilities for analyzing web applications from the outside in, including the ability to capture and modify traffic between a browser and a target application. It is designed to integrate into DevSecOps pipelines to provide consistent security checks across different environments.

    Analyzes running web applications to identify security flaws that only appear during execution.

    Java
    在 GitHub 上查看↗15,293
  • microsoft/security-101microsoft 的头像

    microsoft/Security-101

    6,203在 GitHub 上查看↗

    Security-101 is a vendor-agnostic, foundational cybersecurity learning curriculum organized into modular, framework-aligned modules. It is designed to build core knowledge across multiple security domains without tying content to specific products or platforms, making it suitable for both beginners and professionals seeking a structured introduction to the field. The curriculum is built around established security frameworks, including the MITRE ATT&CK framework for standardized threat analysis and the NIST Cybersecurity Framework for incident response workflows. It covers a broad range of do

    Teaches sending input requests to live applications and analyzing responses to find security weaknesses.

    HTMLappseccia-triaddata-protection
    在 GitHub 上查看↗6,203
  • arachni/arachniArachni 的头像

    Arachni/arachni

    4,000在 GitHub 上查看↗

    Arachni is a dynamic application security testing vulnerability scanner and web application security tool. It functions as a distributed web audit framework that performs active and passive audits to identify security flaws such as SQL injection and cross-site scripting. The project features a JavaScript-aware web crawler that executes scripts and monitors DOM changes to analyze modern dynamic web applications. It utilizes server platform fingerprinting to target compatible security payloads and provides a grid-based system to distribute scanning workloads across multiple nodes. The tool cov

    Performs security analysis on running applications to find flaws in modern web apps that rely on JavaScript and DOM changes.

    Rubyanalysisarachniaudit
    在 GitHub 上查看↗4,000
  • codeaprendiz/learn-devopscodeaprendiz 的头像

    codeaprendiz/learn-devops

    1,587在 GitHub 上查看↗

    This project is a comprehensive educational repository designed to teach DevOps practices through structured learning paths and hands-on exercises. It focuses on mastering infrastructure management, container orchestration, and system administration by providing a curriculum that covers the full lifecycle of cloud-native environments, from initial provisioning to ongoing maintenance and security. The repository distinguishes itself by offering a practical, task-based approach to complex operational domains. It guides users through the implementation of infrastructure-as-code, the configuratio

    Guides users through simulating external attacks against running applications to identify security vulnerabilities.

    HCLawscoding-taskscontainer-orchestration
    在 GitHub 上查看↗1,587
  1. Home
  2. Security & Cryptography
  3. Dynamic Application Security Testing

探索子标签

  • Interactive Security TestingRuntime security analysis that monitors application behavior from within to detect vulnerabilities. **Distinct from Dynamic Application Security Testing:** Distinct from Dynamic Application Security Testing: focuses on internal runtime instrumentation rather than external black-box attack simulation.