Thanks to visit codestin.com
Credit goes to Github.com

Skip to content
@appsecco

Appsecco

VA/PT | DevSecOps | Cloud Native Security | Kubernetes | Docker | AWS

Pinned Loading

  1. mcp-client-and-proxy mcp-client-and-proxy Public

    A universal MCP client with proxying feature to interact with MCP Servers which support STDIO transport.

    Python 15 3

  2. pentesting-mcp-servers-checklist pentesting-mcp-servers-checklist Public

    A practical, community-driven checklist for pentesting MCP servers. Covers traffic analysis, tool-call behavior, namespace abuse, auth flows, and remote server risks. Maintained by Appsecco and lic…

    26 3

  3. breaking-and-pwning-apps-and-servers-aws-azure-training breaking-and-pwning-apps-and-servers-aws-azure-training Public

    Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!

    CSS 949 258

  4. dvna dvna Public

    Damn Vulnerable NodeJS Application

    SCSS 758 861

  5. the-art-of-subdomain-enumeration the-art-of-subdomain-enumeration Public

    This repository contains all the supplement material for the book "The art of sub-domain enumeration"

    Python 661 153

  6. vulnerable-mcp-servers-lab vulnerable-mcp-servers-lab Public

    A collection of servers which are deliberately vulnerable to learn Pentesting MCP Servers.

    JavaScript 221 37

Repositories

Showing 10 of 56 repositories
  • vulnerable-mcp-servers-lab Public

    A collection of servers which are deliberately vulnerable to learn Pentesting MCP Servers.

    appsecco/vulnerable-mcp-servers-lab’s past year of commit activity
    JavaScript 221 MIT 37 0 0 Updated Dec 18, 2025
  • mcp-client-and-proxy Public

    A universal MCP client with proxying feature to interact with MCP Servers which support STDIO transport.

    appsecco/mcp-client-and-proxy’s past year of commit activity
    Python 15 MIT 3 0 0 Updated Dec 18, 2025
  • pentesting-mcp-servers-checklist Public

    A practical, community-driven checklist for pentesting MCP servers. Covers traffic analysis, tool-call behavior, namespace abuse, auth flows, and remote server risks. Maintained by Appsecco and licensed for remixing.

    appsecco/pentesting-mcp-servers-checklist’s past year of commit activity
    26 CC-BY-4.0 3 0 0 Updated Dec 18, 2025
  • raptor Public Forked from gadievron/raptor

    Raptor turns Claude Code into a general-purpose AI offensive/defensive security agent. By using Claude.md and creating rules, sub-agents, and skills, we configure the agent for adversarial thinking, and perform research or attack/defense operations.

    appsecco/raptor’s past year of commit activity
    Python 1 MIT 129 0 0 Updated Dec 2, 2025
  • dvcsharp-api Public

    Damn Vulnerable C# Application (API)

    appsecco/dvcsharp-api’s past year of commit activity
    C# 79 MIT 288 4 6 Updated Jul 15, 2024
  • kubernetes-ptaas-scripts Public

    Scripts to generate kubeconfig files required to perform a PT.

    appsecco/kubernetes-ptaas-scripts’s past year of commit activity
    Shell 1 MIT 0 0 0 Updated Apr 29, 2024
  • dvna Public

    Damn Vulnerable NodeJS Application

    appsecco/dvna’s past year of commit activity
    SCSS 758 MIT 861 2 12 Updated Mar 27, 2024
  • dvja Public

    Damn Vulnerable Java (EE) Application

    appsecco/dvja’s past year of commit activity
    CSS 145 MIT 527 2 16 Updated Jan 23, 2024
  • kubeseco Public

    Application Security Workflow Automation using Docker and Kubernetes

    appsecco/kubeseco’s past year of commit activity
    JavaScript 23 MIT 10 2 6 Updated Dec 11, 2022
  • breaking-and-pwning-apps-and-servers-aws-azure-training Public

    Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!

    appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training’s past year of commit activity
    CSS 949 MIT 258 1 0 Updated Nov 26, 2022
View all repositories