Stars
Sample Secure Pipeline with GitHub Actions - Ideal for Open Source Projects
The OWASP DevSecOps Guideline can help us embed security as a part of the development pipeline.
The Security Champion Framework provides both a measuring stick and a roadmap generator for Champion Programs.
Near X one is a game development project on RPG Maker vx ace (2D Software) (RPG Maker vx ace is an RPG game creation engine)
OWASP Dependency Track API client for integration into CI/CD pipeline
A collection of useful Serverless functions I use when pentesting
People tracker on the Internet: OSINT analysis and research tool by Jose Pino
Training session for the Vue.js framework
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
An opinionated scaffolding framework that jumpstarts Java projects with an API-first design, secure defaults, and minimal dependencies
A PostCSS plugin to keep CSS grids stupidly simple
An authoritative list of awesome devsecops tools with the help from community experiments and contributions.
Dedicated to JavaScript and its awesome community since 2015
Subresource Integrity fallback script
Proof-of-concept codes created as part of security research done by Google Security Team.
DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
Tapestry Core with a SAX template parser (instead of standard StAX)
scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.
Asynchronous WebSocket/Comet Support in Tapestry
Sixpack is a language-agnostic a/b-testing framework