APKHunt is a comprehensive static code analysis tool for Android apps that is based on the OWASP MASVS framework. Although APKHunt is intended primarily for mobile app developers and security testers, it can be used by anyone to identify and address potential security vulnerabilities in their code.

Security Knowledge Framework (SKF) Python Flask / Angular project

Recommendations for secure applications development with Rust

The Secure Coding Dojo is a platform for delivering secure coding knowledge.

A deliberately vulnerable banking application designed for practicing Security Testing of Web App, APIs, AI integrated App and secure code reviews. Features common vulnerabilities found in real-world applications, making it an ideal platform for security professionals, developers, and enthusiasts to learn pentesting and secure coding practices.

Web Application Secure Coding Handbook resource.

The Secure Coding Framework

Collection of C and C++ Coding Standards

Kurukshetra - A framework for teaching secure coding by means of interactive problem solving.

A multi-vault secret injection tool for safely injecting secrets into app environment

Dependency Combobulator

♾️ Collection of DevSecOps Notes + Resources + Courses + Tools

An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Repositories, technical guidelines and important resources about Software & Systems Architecture in Cybersecurity

Conviso Vulnerable Web Application is the OSS project from the Conviso Application Security for the community. The project represents a vulnerable web application to practice security testing and improve your learning in AppSec..

Reapsaw is a continuous security devsecops tool, which helps in enabling security into CI/CD Pipeline. It supports coverage for multiple programming languages.

Additional Resources For Securing The Stack Tutorials

Vimana is an experimental security tool that aims to provide resources for auditing Python web applications.

Documentation and guidance to practice secure coding for various PLC vendors

A quick script to spot the usage of Unicode Bidi (bidirectional) characters that could lead to an Invisible Backdoor

An automated system for requesting and approving no-due certificates for students at the end of each semester for universities and colleges.