Alexandre Gigleux

Clone of OWASP Benchmark Project (Java) where all test cases have a dedicated directory more easy to manage by a human.

No description.

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

No description.

Simulate Public sonar-secrets-pre-commit

SuiteCRM - Open source CRM for the world

An open-source AI agent that brings the power of Gemini directly into your terminal.

No description.

GitHub Skills: Introduction to Secret Scanning

Benchmarking repo for secrets scanning

A tiny boost library in C++11.

A LLVM-based static analysis framework.

Open Source Inventory Management System

Dockerized POC for CVE-2022-42889 Text4Shell

No description.

Just to simulate SubModules (submodule1)

PL/JSON is a generic JSON object written in PL/SQL. Using PL/SQL object syntax, users instantiate a JSON object and then add members, arrays and additional JSON objects. This object type can store JSON data, in Oracle, persistently.

Bicep is a declarative language for describing and deploying Azure resources

Vulnerable app with examples showing how to not use secrets

Terraform module which creates S3 bucket resources on AWS 🇺🇦

No description.

A small collection of vulnerable code snippets

A built-to-be-vulnerable API application based on the OWASP top 10 API vulnerabilities. Use c{api}tal to learn, train and exploit API Security vulnerabilities within your own API Security CTF.

Example Terraform configuration

No description.

FlowBlot is static code analysis benchmark project by Codethreat, including sink-source challenges grouped into various technical analysis concepts.

Your self-hosted, globally interconnected microblogging community

Erlik 2 - Vulnerable-Flask-App

No description.

A Broken Application - Very Vulnerable!

Odoo. Open Source Apps To Grow Your Business.

:notebook_with_decorative_cover: The missing documentation tool for your Angular, Nest & Stencil application

Angular Starter

MUI Core is a collection of React UI libraries for shipping new features faster. Start with Material UI, our fully-loaded component library, or bring your own design system to our production-ready components.

The repository for high quality TypeScript type definitions.

🐠 Babel is a compiler for writing next generation JavaScript.

The Block Editor project for WordPress and beyond. Plugin is available from the official repository.

Low code project to build admin panels, internal tools, and dashboards. Integrates with 15+ databases and any API.

:video_game: Open-source, cross-platform game engine designed to be used by everyone.

A platform for community discussion. Free, open, simple.

Visual Studio Code

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

Created with StackBlitz ⚡️

Official repository for Spyder - The Scientific Python Development Environment

SunPy - Python for Solar Physics

No description.

Examples and server integrations for generating the Swagger API Specification, which enables easy access to your REST API

A Blazing fast Security Auditing tool for Kubernetes

No description.

Regula checks infrastructure as code templates (Terraform, CloudFormation, k8s manifests) for AWS, Azure, Google Cloud, and Kubernetes security and compliance using Open Policy Agent/Rego

No description.

Liberating Web Analytics. Star us on Github? +1. Matomo is the leading open alternative to Google Analytics that gives you full control over your data. Matomo lets you easily collect data from websites & apps and visualise this data and extract insights. Privacy is built-in. We love Pull Requests!

Trojan Source: Invisible Vulnerabilities

No description.

SwissCovid is the official contact tracing app of Switzerland.

goto.dev - Pull request superpowers

No description.

A very vulnerable web site written in NodeJS with the purpose of have a project with identified vulnerabilities to test the quality of security analyzers tools tools

No description.

Lenia - Mathematical Life Forms

Sheet Music Creation, Groove Experimentation, and Practice Tool for drummers.

PHPStan's source code. This is where development happens. Check https://github.com/phpstan/phpstan for the distribution repository.

Web and mobile application security training platform

The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.

A micro-benchmark suite to assess the stability of taint-analysis tools for Android

Scanning APK file for URIs, endpoints & secrets.

MVT is a forensic tool to look for signs of infection in smartphone devices

⚡️ A fully-featured and blazing-fast Kotlin/Android API client to interact with Algolia.

Run compilers interactively from your web browser and interact with the assembly

OWASP Mutillidae II is a free, open source, deliberately vulnerable web-application providing a target for web-security enthusiast. Mutillidae can be installed on Linux and Windows using LAMP, WAMP, and XAMMP. It is pre-installed on SamuraiWTF and OWASP BWA. The existing version can be updated on these platforms. With dozens of vulnerabilities and hints to help the user; this is an easy-to-use web hacking environment designed for labs, security enthusiast, classrooms, CTF, and vulnerability assessment tool targets. Mutillidae has been used in graduate security courses, corporate web sec training courses, and as an "assess the assessor" target for vulnerability assessment software.

WARNING: This app contains security vulnerabilities. AltoroJ is a sample banking J2EE web application. It shows what happens when web applications are written with consideration of app functionality but not app security. It's a simple and uncluttered platform for demonstrating and learning more about real-life application security issues.

No description.

Appknox vulnerabilities list

No description.

Oversecured Vulnerable Android App

Native Android app using the Apple/Google exposure notification API.

CdkGoat is Bridgecrew's "Vulnerable by Design" AWS CDK repository. CdkGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.

Cfngoat is Bridgecrew's "Vulnerable by Design" Cloudformation repository. Cfngoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.

TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.

OWASP VulnerableApp Project: For Security Enthusiasts by Security Enthusiasts.

Skeleton application for creating laminas-mvc based projects.

📓 The UI component explorer. Develop, document, & test for React, Vue, Angular, Ember, Web Components, & more!

No description.

Java Test Cases inspired from Codyze that can be compiled and scanned with SonarCloud

No description.

Utility for statistics collection for different projects. C#, Java and PHP supported for now.

Damn Vulnerable Web Service is a vulnerable web service/API/application that can be used to learn webservices/API vulnerabilities.

Damn Vulnerable Web Services is an insecure web application with multiple vulnerable web service components that can be used to learn real world web service vulnerabilities. NOTE: This project is out of date, please use https://github.com/snoopysecurity/dvws-node

🚀 Open source Node.js Headless CMS to easily build customisable APIs

Create secure and private web apps using only static JavaScript, HTML, and CSS.

Automatic SQL injection and database takeover tool

Create awesome wordlist with python, demo: https://asciinema.org/a/101677

Generate tons of fake issues on files

Zulip server - powerful open source team chat

Multi-Object-Tracking for garbage detection

Repo for all the OWASP-SKF Docker lab examples

Service de génération de l'attestation de déplacement dérogatoire à présenter dans le cadre du confinement lié au virus covid-19

The C++ Core Guidelines are a set of tried-and-true guidelines, rules, and best practices about coding in C++

No description.

A web application that contains several unit tests for the purpose of .NET security

Vulnerable Version of PetClinic to Validate MMF-1707

OWASP WebGoat.NET

OWASP's official repository for WebGoat (ASP.NET version)

No description.

A collection of useful .gitignore templates

Collection of vulnerable and fixed PHP synthetic test cases

Extract Issues from SonarQube/SonarCloud using the "api/issues/search" API

All Submissions you make to Magento Inc. ("Magento") through GitHub are subject to the following terms and conditions: (1) You grant Magento a perpetual, worldwide, non-exclusive, no charge, royalty free, irrevocable license under your applicable copyrights and patents to reproduce, prepare derivative works of, display, publically perform, sublicense and distribute any feedback, ideas, code, or other information (“Submission") you submit through GitHub. (2) Your Submission is an original work of authorship and you are the owner or are legally entitled to grant the license stated above. (3) You agree to the Contributor License Agreement found here: https://github.com/magento/magento2/blob/master/CONTRIBUTOR_LICENSE_AGREEMENT.html

Source code for the Minitest with Shoulda article.

Go project analyzed on SonarCloud using Travis

No description.

jack2 codebase

No description.

No description.

No description.

List all APIs of SonarQube and store them into a file

No description.

Create a Toxicity Chart based on metrics provided by checkstyle rules.