Damn Vulnerable iOS App (DVIA) is an iOS application that is damn vulnerable. Its main goal is to provide a platform to mobile security enthusiasts/professionals or students to test their iOS penetration testing skills in a legal environment. This application covers all the common vulnerabilities found in iOS applications (following OWASP top 10 mobile risks) and contains several challenges that the user can try. This application also contains a section where a user can read various articles on iOS application security. This project is developed and maintained by @prateekg147. The vulnerabilities and solutions covered in this app are tested upto iOS 8.1 .

Don Cheli — SDD Framework. The most comprehensive Specification-Driven Development framework for AI agents. 71+ commands, 42 skills, 15 reasoning models. TDD mandatory, OWASP audit, Anthropic Skills 2.0 compatible. Works with Claude Code, Gemini/Antigravity, Cursor, Codex. ES/EN/PT.

UX/UI evaluation, AI governance, and AI security skills for AI coding assistants. Audit interfaces with Nielsen heuristics, WCAG, Don Norman principles. Assess AI risk with NIST AI RMF, ISO 42001, OWASP LLM Top 10, and OWASP AI Testing Guide.

Rust AI agent where every context token earns its place. Self-learning skills, temporal graph memory, cascade quality routing, OWASP AI security. Hybrid inference: Ollama · Claude · Gemini · OpenAI · GGUF. MCP + ACP. One binary.

API security skills and rules for Cursor, Claude Code, Copilot, and all major AI coding agents. OWASP API Top 10 coverage — zero configuration.

AI-powered whitebox penetration testing plugin for Claude Code. 9 languages, 22 skills, 7 autonomous agents. STRIDE threat modeling, OWASP 2025 coverage, polyglot monorepo support.

This repository contains OWASP Top 10 CTF challenges designed to test your skills in web application security. Each category includes both "easy" and "hard" challenges.

OWASP21-PG is a practical lab that equips enthusiasts, developers & students with skills to identify/prevent web vulnerabilities, particularly in the OWASP Top 10 for 2021. Based on bWAPP, it offers a comprehensive practical lab covering all categories in the OWASP Top 10.

VulnLab is a modern, aesthetically pleasing web application designed to be **intentionally vulnerable**. It serves as a safe environment for developers and security enthusiasts to practice their skills in identifying and exploiting common web vulnerabilities (OWASP Top 10).

454 standards-grounded Claude Code skills for every PDLC role. 8 roles, 57 plugins, 173 commands. Grounded in SWEBOK, TOGAF, OWASP, ISTQB, NIST, AIPMM. Every skill includes LLM error mitigation anti-patterns.

A collection of Owasp top 10 skills for software engineers to use in AI assistants like claude code and github copilot

The OWASP MSTG Android CrackMe is a series of Android applications with hidden flags designed to develop Java and Native reverse engineering skills.

Open-source security skills for AI coding agents. Grounded in OWASP, NIST, MITRE ATT&CK, CIS. Works with Claude Code, Gemini CLI, Cursor, Codex CLI, OpenClaw, Kiro.

A set of OWASP Top 10 vulnerability agent skills

No description available

Reusable Claude Code slash command skills — Express microservices, OWASP audits, security hardening, TTS generation

Security and compliance audit skills for Claude Code — HIPAA, SOC 2, OWASP, PQC, FDCPA/TCPA, HITRUST

- ClickUp and GitHub integration skills - OWASP Top 10 security skills (A01, A03, A07) - Slash commands: /ticket, /commit, /merge, /security-scan, /audit - MCP and project templates

Practice exercises to enhance skills in tuning OWASP ModSecurity core rule set rules and implementing your own rules.

This repository showcases practical penetration testing of vulnerable web applications and APIs, starting with OWASP Juice Shop and OWASP CrAPI. It demonstrates professional testing and reporting skills — including manual validation, PoCs, risk analysis, and remediation guidance.

Android development review skills for Claude Code — covering OWASP MASVS security audit, Clean Architecture, performance optimization, Jetpack Compose best practices, and Google Play Store compliance

A .claude/ folder system with 9 specialized agents and 12 skills for Claude Code. Automates full-stack development — React, Node.js, PostgreSQL, Docker, CI/CD, OWASP security, Core Web Vitals SEO, and production deployments.

Amazon AppSec CTF 2025 writeups and methodology. This repository documents my application security approach, including reconnaissance, vulnerability analysis, and exploitation techniques practiced during the CTF. Focused on OWASP Top 10, real-world AppSec skills, and structured reporting.

Performed web app vulnerability testing using OWASP Juice Shop. Identified SQL Injection, XSS, and access control flaws through manual testing. Recommended secure coding practices like input validation and prepared statements. Built hands-on skills in ethical hacking.

A hands-on penetration testing platform for learning and practicing ethical hacking. Includes real-world challenges, CTF-style labs, and vulnerable environments covering OWASP Top 10 and more. Ideal for students and cybersecurity enthusiasts to build and showcase red-team skills.

I built a vulnerable web application to demonstrate my security testing skills. It showcases my understanding of OWASP Top 10 vulnerabilities including SQL injection, XSS, and authentication bypasses. I can identify these issues, exploit them ethically, and implement proper fixes. CI pipe line running tests on merge to main.

Damn Vulnerable iOS App (DVIA) is an iOS application that is damn vulnerable. Its main goal is to provide a platform to mobile security enthusiasts/professionals or students to test their iOS penetration testing skills in a legal environment. This application covers all the common vulnerabilities found in iOS applications (following OWASP top 10… http://damnvulnerableiosapp.com

TOP 10 OWASP audit skills

A skillset for AI agents derived from OWASP Cheat Sheet series

No description available