diff --git a/README.md b/README.md index 77351ff..fb277a0 100644 --- a/README.md +++ b/README.md 
@@ -59,27 +59,39 @@ from reading [A Gentle Introduction to Application Security](https://paragonie.c * [MicroCorruption](#microcorruption) * [The Matasano Crypto Challenges](#the-matasano-crypto-challenges) * [PentesterLab](#pentesterlab) - * [Juice Shop](#juice-shop) * [Supercar Showdown](#supercar-showdown) - * [OWASP NodeGoat](#owasp-nodegoat) * [Blogs](#blogs) * [Crypto Fails](#crypto-fails) * [NCC Group - Blog](#ncc-group-blog) * [Scott Helme](#scott-helme) * [Cossack Labs blog](#cossack-labs-blog-2018) (2018) * [Wiki pages](#wiki-pages) - * [OWASP Top Ten Project](#owasp-top-ten-project) + * [The ZAP API](#the-zap-api) * [Tools](#tools) * [Qualys SSL Labs](#qualys-ssl-labs) * [securityheaders.io](#securityheaders-io) * [report-uri.io](#report-uri-io) + * [Full stack](#full-stack) + * [Open Web Application Security Project](#open-web-application-security-project) + * [OWASP Top Ten Project](#owasp-top-ten-project) + * [OWASP NodeGoat Project](#owasp-nodegoat-project-2014) (2014) + * [OWASP Juice Shop Tool Project](#owasp-juice-shop-tool-project-2014) (2014) + * [OWASP WebGoat Project](#owasp-webgoat-project-2008) (2008) + * [OWASP Serverless Goat](#owasp-serverless-goat-2018) (2018) + * [ModSecurity (open source WAF)](#modsecurity-open-source-waf-2007) (2007) + * [OWASP ModSecurity Core Rule Set (CRS)](#owasp-modsecurity-core-rule-set-crs-2012) (2012) + * [OWASP Cheat Sheet Series](#owasp-cheat-sheet-series-2014) (2014) + * [OWASP Zed Attack Proxy Project](#owasp-zed-attack-proxy-project-2010) (2010) + * [AWS Lambda](#aws-lambda) + * [Tools](#tools-1) + * [PureSec FunctionShield](#puresec-functionshield) * [Android](#android) * [Books and ebooks](#books-and-ebooks) * [SEI CERT Android Secure Coding Standard](#sei-cert-android-secure-coding-standard-2015) (2015) * [C](#c) * [Books and ebooks](#books-and-ebooks-1) * [SEI CERT C Coding Standard](#sei-cert-c-coding-standard-2006) (2006) - * [Defensive Coding: A Guide to Improving Software Security by the Fedora 
Security Team](#defensive-coding-a-guide-to-improving-software-security-by-the-fedora-security-team-2018) (2018) + * [Defensive Coding: A Guide to Improving Software Security by the Fedora Security Team](#defensive-coding-a-guide-to-improving-software-security-by-the-fedora-security-team-2013) (2013) * [C++](#c-1) * [Books and ebooks](#books-and-ebooks-2) * [SEI CERT C++ Coding Standard](#sei-cert-c-coding-standard-2006-1) (2006) @@ -93,11 +105,18 @@ from reading [A Gentle Introduction to Application Security](https://paragonie.c * [Books and ebooks](#books-and-ebooks-4) * [SEI CERT Java Coding Standard](#sei-cert-java-coding-standard-2007) (2007) * [Secure Coding Guidelines for Java SE](#secure-coding-guidelines-for-java-se-2014) (2014) + * [Source code analysis](#source-code-analysis) + * [jeremylong/DependencyCheck](#jeremylongdependencycheck-2012) (2012) + * [find-sec-bugs/find-sec-bugs](#find-sec-bugsfind-sec-bugs-2012) (2012) + * [Tools](#tools-2) + * [zaproxy/zap-api-java](#zaproxyzap-api-java-2016) (2016) * [Node.js](#node-js) * [Articles](#articles-2) * [Node.js Security Checklist - Rising Stack Blog](#node-js-security-checklist-rising-stack-blog-2015) (2015) * [Books and ebooks](#books-and-ebooks-5) * [Essential Node.js Security](#-essential-node-js-security-2017) (2017) ![nonfree](img/nonfree.png) + * [Tools](#tools-3) + * [zaproxy/zap-api-nodejs](#zaproxyzap-api-nodejs-2018) (2018) * [Training](#training) * [Security Training by ^Lift Security](#-security-training-by-lift-security) ![nonfree](img/nonfree.png) * [Security Training from BinaryMist](#-security-training-from-binarymist) ![nonfree](img/nonfree.png) 
@@ -139,11 +158,24 @@ from reading [A Gentle Introduction to Application Security](https://paragonie.c * [Python chapter of Fedora Defensive Coding Guide](#python-chapter-of-fedora-defensive-coding-guide) * [Black Hat Python: Python Programming for Hackers and Pentesters](#-black-hat-python-python-programming-for-hackers-and-pentesters) ![nonfree](img/nonfree.png) * [Violent Python](#-violent-python) ![nonfree](img/nonfree.png) + * [Source code analysis](#source-code-analysis-1) + * [PyCQA/bandit](#pycqabandit-2015) (2015) + * [pyupio/safety](#pyupiosafety-2016) (2016) + * [Tools](#tools-4) + * [zaproxy/zap-api-python](#zaproxyzap-api-python-2015) (2015) * [Websites](#websites-2) * [OWASP Python Security Wiki](#owasp-python-security-wiki-2014) (2014) * [Ruby](#ruby) * [Books and ebooks](#books-and-ebooks-9) * [Secure Ruby Development Guide](#secure-ruby-development-guide-2014) (2014) + * [Source code analysis](#source-code-analysis-2) + * [rubocop-hq/rubocop](#rubocop-hqrubocop-2012) (2012) + * [presidentbeef/brakeman](#presidentbeefbrakeman-2014) (2014) + * [rubysec/bundler-audit](#rubysecbundler-audit-2013) (2013) + * [Elixir](#elixir) + * [Source code analysis](#source-code-analysis-3) + * [rrrene/credo](#rrrenecredo-2015) (2015) + * [nccgroup/sobelow](#nccgroupsobelow-2017) (2017) # General 
@@ -354,18 +386,10 @@ A series of programming exercises for teaching oneself cryptography by [Matasano PentesterLab provides [free Hands-On exercises](https://pentesterlab.com/exercises/) and a [bootcamp](https://pentesterlab.com/bootcamp/) to get started. -### [Juice Shop](https://bkimminich.github.io/juice-shop) - -An intentionally insecure Javascript Web Application. - ### [Supercar Showdown](http://hackyourselffirst.troyhunt.com/) How to go on the offence before online attackers do. -### [OWASP NodeGoat](https://github.com/owasp/nodegoat) - -Purposly vulnerable to the OWASP Top 10 Node.JS web application, with [tutorials](https://nodegoat.herokuapp.com/tutorial), [security regression testing with the OWASP Zap API](https://github.com/OWASP/NodeGoat/wiki/NodeGoat-Security-Regression-tests-with-ZAP-API), [docker image](https://github.com/owasp/nodegoat#option-3---run-nodegoat-on-docker). With several options to get up and running fast. - ### Blogs #### [Crypto Fails](http://cryptofails.com) @@ -388,9 +412,9 @@ Blog of cryptographic company that makes open-source libraries and tools, and de ### Wiki pages -#### [OWASP Top Ten Project](https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project) +#### [The ZAP API](https://github.com/zaproxy/zaproxy/wiki/ApiDetails) -The top ten most common and critical security vulnerabilities found in web applications. +ZAP provides a REST Application Programming Interface (API) which allows you to interact with ZAP programmatically. ### Tools 
@@ -406,6 +430,70 @@ Quickly and easily assess the security of your HTTP response headers. A free CSP and HPKP reporting service. +# Full stack + +## Open Web Application Security Project + +### [OWASP Top Ten Project](https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project) + +The top ten most common and critical security vulnerabilities found in web applications. + +### [OWASP NodeGoat Project](https://github.com/OWASP/NodeGoat) (2014) + +**Released**: May 6, 2014 + +OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them. + +### [OWASP Juice Shop Tool Project](https://github.com/bkimminich/juice-shop) (2014) + +**Released**: October 4, 2014 + +OWASP Juice Shop is probably the most modern and sophisticated insecure web application! It can be used in security trainings, awareness demos, CTFs and as a guinea pig for security tools! Juice Shop encompasses vulnerabilities from the entire OWASP Top Ten along with many other security flaws found in real-world applications! + +### [OWASP WebGoat Project](https://github.com/WebGoat/WebGoat) (2008) + +**Released**: January 12, 2008 + +WebGoat is a deliberately insecure web application maintained by OWASP designed to teach web application security lessons. You can install and practice with WebGoat. There are other 'goats' such as WebGoat for .Net. In each lesson, users must demonstrate their understanding of a security issue by exploiting a real vulnerability in the WebGoat applications. + +### [OWASP Serverless Goat](https://www.owasp.org/index.php/OWASP_Serverless_Goat) (2018) + +**Released**: December 18, 2018 + +OWASP ServerlessGoat is a deliberately insecure realistic AWS Lambda serverless application, maintained by OWASP. 
+ +### [ModSecurity (open source WAF)](https://github.com/SpiderLabs/ModSecurity) (2007) + +**Released**: March 6, 2007 + +ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analys. + +### [OWASP ModSecurity Core Rule Set (CRS)](https://github.com/SpiderLabs/owasp-modsecurity-crs) (2012) + +**Released**: September 19, 2012 + +The OWASP ModSecurity Core Rule Set (CRS) is a set of generic attack detection rules for use with ModSecurity or compatible web application firewalls. + +### [OWASP Cheat Sheet Series](https://github.com/OWASP/CheatSheetSeries) (2014) + +**Released**: March 7, 2014 + +The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics. These cheat sheets were created by various application security professionals who have expertise in specific topics. We hope that the OWASP Cheat Sheet Series provides you with excellent security guidance in an easy to read format. + +### [OWASP Zed Attack Proxy Project](https://github.com/zaproxy/zaproxy) (2010) + +**Released**: October 6, 2010 + +The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. Its also a great tool for experienced pentesters to use for manual security testing. 
+ +# AWS Lambda + +## Tools + +### [PureSec FunctionShield](https://www.puresec.io/function-shield) + +FunctionShield is a 100% free AWS Lambda security and Google Cloud Functions security library that equips developers with the ability to easily enforce strict security controls on serverless runtimes. + # Android ## Books and ebooks @@ -426,9 +514,9 @@ A community-maintained Wiki detailing secure coding standards for Android develo A community-maintained Wiki detailing secure coding standards for C programming. -### [Defensive Coding: A Guide to Improving Software Security by the Fedora Security Team](https://docs.fedoraproject.org/en-US/Fedora_Security_Team/1/html/Defensive_Coding/index.html) (2018) +### [Defensive Coding: A Guide to Improving Software Security by the Fedora Security Team](https://docs.fedoraproject.org/en-US/Fedora_Security_Team/1/html/Defensive_Coding/index.html) (2013) -**Released**: July 30, 2018 +**Released**: March 7, 2013 Provides guidelines for improving software security through secure coding. Covers common programming languages and libraries, and focuses on concrete recommendations. 
@@ -478,6 +566,28 @@ A community-maintained Wiki detailing secure coding standards for Java programmi Secure Java programming guidelines straight from Oracle. +## Source code analysis + +### [jeremylong/DependencyCheck](https://github.com/jeremylong/DependencyCheck) (2012) + +**Released**: October 23, 2012 + +OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies. + +### [find-sec-bugs/find-sec-bugs](https://github.com/find-sec-bugs/find-sec-bugs) (2012) + +**Released**: October 19, 2012 + +The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects) + +## Tools + +### [zaproxy/zap-api-java](https://github.com/zaproxy/zap-api-java) (2016) + +**Released**: June 3, 2016 + +The Java implementation to access the OWASP ZAP API. For more information about OWASP ZAP consult the (main) OWASP ZAP project. + # Node.js ## Articles @@ -496,6 +606,14 @@ Covers a lot of useful information for developing secure Node.js applications. Hands-on and abundant with source code for a practical guide to Securing Node.js web applications. +## Tools + +### [zaproxy/zap-api-nodejs](https://github.com/zaproxy/zap-api-nodejs) (2018) + +**Released**: November 16, 2018 + +The NodeJS implementation to access the OWASP ZAP API. For more information about OWASP ZAP consult the (main) OWASP ZAP project. + ## Training ### ![nonfree](img/nonfree.png) [Security Training by ^Lift Security](https://liftsecurity.io/training) 
@@ -658,6 +776,28 @@ Black Hat Python by Justin Seitz from NoStarch Press is a great book for the off Violent Python shows you how to move from a theoretical understanding of offensive computing concepts to a practical implementation. +## Source code analysis + +### [PyCQA/bandit](https://github.com/PyCQA/bandit) (2015) + +**Released**: February 17, 2015 + +Bandit is a tool designed to find common security issues in Python code. + +### [pyupio/safety](https://github.com/pyupio/safety) (2016) + +**Released**: October 19, 2016 + +Safety checks your installed dependencies for known security vulnerabilities. + +## Tools + +### [zaproxy/zap-api-python](https://github.com/zaproxy/zap-api-python) (2015) + +**Released**: May 29, 2015 + +The Python implementation to access the OWASP ZAP API. For more information about OWASP ZAP consult the (main) OWASP ZAP project. + ## Websites ### [OWASP Python Security Wiki](https://github.com/ebranca/owasp-pysec/wiki) (2014) 
@@ -675,3 +815,39 @@ A wiki maintained by the OWASP Python Security project. **Released**: March 10, 2014 A guide to secure Ruby development by the Fedora Security Team. Also available on [Github](https://github.com/jrusnack/secure-ruby-development-guide). + +## Source code analysis + +### [rubocop-hq/rubocop](https://github.com/rubocop-hq/rubocop) (2012) + +**Released**: May 3, 2012 + +A Ruby static code analyzer and formatter, based on the community Ruby style guide. + +### [presidentbeef/brakeman](https://github.com/presidentbeef/brakeman) (2014) + +**Released**: February 10, 2014 + +A static analysis security vulnerability scanner for Ruby on Rails applications. + +### [rubysec/bundler-audit](https://github.com/rubysec/bundler-audit) (2013) + +**Released**: February 12, 2013 + +Patch-level verification for Bundler. + +# Elixir + +## Source code analysis + +### [rrrene/credo](https://github.com/rrrene/credo) (2015) + +**Released**: November 24, 2015 + +Credo is a static code analysis tool for the Elixir language with a focus on teaching and code consistency. + +### [nccgroup/sobelow](https://github.com/nccgroup/sobelow) (2017) + +**Released**: May 12, 2017 + +Security-focused static analysis for the Phoenix framework. diff --git a/data/00-general/websites/0010-juice-shop.json b/data/00-general/websites/0010-juice-shop.json deleted file mode 100644 index 2768c56..0000000 --- a/data/00-general/websites/0010-juice-shop.json +++ /dev/null @@ -1,5 +0,0 @@ -{ - "name": "Juice Shop", - "remark": "An intentionally insecure Javascript Web Application.", - "url": "https://bkimminich.github.io/juice-shop" -} \ No newline at end of file diff --git a/data/00-general/websites/0012-nodegoat.json b/data/00-general/websites/0012-nodegoat.json deleted file mode 100644 index b2d6bdd..0000000 --- a/data/00-general/websites/0012-nodegoat.json +++ /dev/null 
@@ -1,5 +0,0 @@ -{ - "name": "OWASP NodeGoat", - "remark": "Purposly vulnerable to the OWASP Top 10 Node.JS web application, with [tutorials](https://nodegoat.herokuapp.com/tutorial), [security regression testing with the OWASP Zap API](https://github.com/OWASP/NodeGoat/wiki/NodeGoat-Security-Regression-tests-with-ZAP-API), [docker image](https://github.com/owasp/nodegoat#option-3---run-nodegoat-on-docker). With several options to get up and running fast.", - "url": "https://github.com/owasp/nodegoat" -} diff --git a/data/00-general/websites/0013-serverlessgoat.json b/data/00-general/websites/0013-serverlessgoat.json deleted file mode 100644 index 7976657..0000000 --- a/data/00-general/websites/0013-serverlessgoat.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "free": true, - "name": "OWASP ServerlessGoat", - "remark": "OWASP ServerlessGoat is a deliberately insecure realistic AWS Lambda serverless application, maintained by OWASP and created by [PureSec](https://www.puresec.io/). You can install WebGoat, learn about the vulnerabilities, how to exploit them, and how to remediate each issue. The project also includes documentation explaining the issues and how they should be remediated with best-practices.", - "url": "https://www.owasp.org/index.php/OWASP_Serverless_Goat" -} \ No newline at end of file diff --git a/data/00-general/websites/01-wiki-pages/0001-zap-api-doc.json b/data/00-general/websites/01-wiki-pages/0001-zap-api-doc.json new file mode 100644 index 0000000..f03836c --- /dev/null +++ b/data/00-general/websites/01-wiki-pages/0001-zap-api-doc.json @@ -0,0 +1,6 @@ +{ + "free": true, + "name": "The ZAP API", + "remark": "ZAP provides a REST Application Programming Interface (API) which allows you to interact with ZAP programmatically.", + "url": "https://github.com/zaproxy/zaproxy/wiki/ApiDetails" +} 
diff --git a/data/00-general/websites/01-wiki-pages/0001-owasp-top-ten.json b/data/01-full-stack/Open-Web-Application-Security-Project/0001-owasp-top-ten.json similarity index 100% rename from data/00-general/websites/01-wiki-pages/0001-owasp-top-ten.json rename to data/01-full-stack/Open-Web-Application-Security-Project/0001-owasp-top-ten.json diff --git a/data/01-full-stack/Open-Web-Application-Security-Project/0002-nodegoat.json b/data/01-full-stack/Open-Web-Application-Security-Project/0002-nodegoat.json new file mode 100644 index 0000000..919f70e --- /dev/null +++ b/data/01-full-stack/Open-Web-Application-Security-Project/0002-nodegoat.json @@ -0,0 +1,6 @@ +{ + "date": "2014-05-06", + "name": "OWASP NodeGoat Project", + "remark": "OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.", + "url": "https://github.com/OWASP/NodeGoat" +} diff --git a/data/01-full-stack/Open-Web-Application-Security-Project/0003-juice-shop.json b/data/01-full-stack/Open-Web-Application-Security-Project/0003-juice-shop.json new file mode 100644 index 0000000..5a3eada --- /dev/null +++ b/data/01-full-stack/Open-Web-Application-Security-Project/0003-juice-shop.json @@ -0,0 +1,6 @@ +{ + "date": "2014-10-04", + "name": "OWASP Juice Shop Tool Project", + "remark": "OWASP Juice Shop is probably the most modern and sophisticated insecure web application! It can be used in security trainings, awareness demos, CTFs and as a guinea pig for security tools! Juice Shop encompasses vulnerabilities from the entire OWASP Top Ten along with many other security flaws found in real-world applications!", + "url": "https://github.com/bkimminich/juice-shop" +} diff --git a/data/01-full-stack/Open-Web-Application-Security-Project/0004-web-goat.json b/data/01-full-stack/Open-Web-Application-Security-Project/0004-web-goat.json new file mode 100644 index 0000000..19d701a --- /dev/null 
+++ b/data/01-full-stack/Open-Web-Application-Security-Project/0004-web-goat.json @@ -0,0 +1,6 @@ +{ + "date": "2008-01-12", + "name": "OWASP WebGoat Project", + "remark": "WebGoat is a deliberately insecure web application maintained by OWASP designed to teach web application security lessons. You can install and practice with WebGoat. There are other 'goats' such as WebGoat for .Net. In each lesson, users must demonstrate their understanding of a security issue by exploiting a real vulnerability in the WebGoat applications.", + "url": "https://github.com/WebGoat/WebGoat" +} diff --git a/data/01-full-stack/Open-Web-Application-Security-Project/0005-serverless-goat.json b/data/01-full-stack/Open-Web-Application-Security-Project/0005-serverless-goat.json new file mode 100644 index 0000000..2311c12 --- /dev/null +++ b/data/01-full-stack/Open-Web-Application-Security-Project/0005-serverless-goat.json @@ -0,0 +1,6 @@ +{ + "date": "2018-12-18", + "name": "OWASP Serverless Goat", + "remark": "OWASP ServerlessGoat is a deliberately insecure realistic AWS Lambda serverless application, maintained by OWASP.", + "url": "https://www.owasp.org/index.php/OWASP_Serverless_Goat" +} diff --git a/data/01-full-stack/Open-Web-Application-Security-Project/0006-modsecurity.json b/data/01-full-stack/Open-Web-Application-Security-Project/0006-modsecurity.json new file mode 100644 index 0000000..d27d9f7 --- /dev/null +++ b/data/01-full-stack/Open-Web-Application-Security-Project/0006-modsecurity.json 
@@ -0,0 +1,6 @@ +{ + "date": "2007-03-06", + "name": "ModSecurity (open source WAF)", + "remark": "ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analys.", + "url": "https://github.com/SpiderLabs/ModSecurity" +} diff --git a/data/01-full-stack/Open-Web-Application-Security-Project/0007-modsecurity-crs.json b/data/01-full-stack/Open-Web-Application-Security-Project/0007-modsecurity-crs.json new file mode 100644 index 0000000..83d48ff --- /dev/null +++ b/data/01-full-stack/Open-Web-Application-Security-Project/0007-modsecurity-crs.json @@ -0,0 +1,6 @@ +{ + "date": "2012-09-19", + "name": "OWASP ModSecurity Core Rule Set (CRS)", + "remark": "The OWASP ModSecurity Core Rule Set (CRS) is a set of generic attack detection rules for use with ModSecurity or compatible web application firewalls.", + "url": "https://github.com/SpiderLabs/owasp-modsecurity-crs" +} diff --git a/data/01-full-stack/Open-Web-Application-Security-Project/0008-cheat-sheet-series.json b/data/01-full-stack/Open-Web-Application-Security-Project/0008-cheat-sheet-series.json new file mode 100644 index 0000000..719d40c --- /dev/null +++ b/data/01-full-stack/Open-Web-Application-Security-Project/0008-cheat-sheet-series.json 
@@ -0,0 +1,6 @@ +{ + "date": "2014-03-07", + "name": "OWASP Cheat Sheet Series", + "remark": "The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics. These cheat sheets were created by various application security professionals who have expertise in specific topics. We hope that the OWASP Cheat Sheet Series provides you with excellent security guidance in an easy to read format.", + "url": "https://github.com/OWASP/CheatSheetSeries" +} diff --git a/data/01-full-stack/Open-Web-Application-Security-Project/0009-zaproxy.json b/data/01-full-stack/Open-Web-Application-Security-Project/0009-zaproxy.json new file mode 100644 index 0000000..1e2c38e --- /dev/null +++ b/data/01-full-stack/Open-Web-Application-Security-Project/0009-zaproxy.json @@ -0,0 +1,6 @@ +{ + "date": "2010-10-06", + "name": "OWASP Zed Attack Proxy Project", + "remark": "The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. Its also a great tool for experienced pentesters to use for manual security testing.", + "url": "https://github.com/zaproxy/zaproxy" +} diff --git a/data/C/books-and-ebooks/0002-fedora-defensive-coding.json b/data/C/books-and-ebooks/0002-fedora-defensive-coding.json index 350c65e..dec5b7b 100644 --- a/data/C/books-and-ebooks/0002-fedora-defensive-coding.json +++ b/data/C/books-and-ebooks/0002-fedora-defensive-coding.json 
@@ -1,7 +1,7 @@ { - "date": "2012", + "date": "2013-03-07", "free": true, "name": "Defensive Coding: A Guide to Improving Software Security by the Fedora Security Team", "remark": "Provides guidelines for improving software security through secure coding. Covers common programming languages and libraries, and focuses on concrete recommendations.", "url": "https://docs.fedoraproject.org/en-US/Fedora_Security_Team/1/html/Defensive_Coding/index.html" -} \ No newline at end of file +} diff --git a/data/Java/source-code-analysis/0001-owasp-dependency-check.json b/data/Java/source-code-analysis/0001-owasp-dependency-check.json new file mode 100644 index 0000000..1d98428 --- /dev/null +++ b/data/Java/source-code-analysis/0001-owasp-dependency-check.json @@ -0,0 +1,7 @@ +{ + "date": "2012-10-23", + "free": true, + "name": "jeremylong/DependencyCheck", + "remark": "OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.", + "url": "https://github.com/jeremylong/DependencyCheck" +} diff --git a/data/Java/source-code-analysis/0002-find-sec-bugs.json b/data/Java/source-code-analysis/0002-find-sec-bugs.json new file mode 100644 index 0000000..112d4ae --- /dev/null +++ b/data/Java/source-code-analysis/0002-find-sec-bugs.json @@ -0,0 +1,7 @@ +{ + "date": "2012-10-19", + "free": true, + "name": "find-sec-bugs/find-sec-bugs", + "remark": "The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)", + "url": "https://github.com/find-sec-bugs/find-sec-bugs" +} diff --git a/data/Java/tools/0001-zap-api-java.json b/data/Java/tools/0001-zap-api-java.json new file mode 100644 index 0000000..0f63de7 --- /dev/null +++ b/data/Java/tools/0001-zap-api-java.json 
@@ -0,0 +1,7 @@ +{ + "date":"2016-06-03", + "free": true, + "name": "zaproxy/zap-api-java", + "remark": "The Java implementation to access the OWASP ZAP API. For more information about OWASP ZAP consult the (main) OWASP ZAP project.", + "url": "https://github.com/zaproxy/zap-api-java" +} diff --git a/data/Node.js/tools/0001-zap-api-nodejs.json b/data/Node.js/tools/0001-zap-api-nodejs.json new file mode 100644 index 0000000..8a08b61 --- /dev/null +++ b/data/Node.js/tools/0001-zap-api-nodejs.json @@ -0,0 +1,7 @@ +{ + "date":"2018-11-16", + "free": true, + "name": "zaproxy/zap-api-nodejs", + "remark": "The NodeJS implementation to access the OWASP ZAP API. For more information about OWASP ZAP consult the (main) OWASP ZAP project.", + "url": "https://github.com/zaproxy/zap-api-nodejs" +} diff --git a/data/Python/source-code-analysis/0001-bandit.json b/data/Python/source-code-analysis/0001-bandit.json new file mode 100644 index 0000000..1731fe1 --- /dev/null +++ b/data/Python/source-code-analysis/0001-bandit.json @@ -0,0 +1,7 @@ +{ + "date": "2015-02-17", + "free": true, + "name": "PyCQA/bandit", + "remark": "Bandit is a tool designed to find common security issues in Python code.", + "url": "https://github.com/PyCQA/bandit" +} diff --git a/data/Python/source-code-analysis/0002-safety.json b/data/Python/source-code-analysis/0002-safety.json new file mode 100644 index 0000000..0438204 --- /dev/null +++ b/data/Python/source-code-analysis/0002-safety.json @@ -0,0 +1,7 @@ +{ + "date": "2016-10-19", + "free": true, + "name": "pyupio/safety", + "remark": "Safety checks your installed dependencies for known security vulnerabilities.", + "url": "https://github.com/pyupio/safety" +} diff --git a/data/Python/tools/0001-zap-api-python.json b/data/Python/tools/0001-zap-api-python.json new file mode 100644 index 0000000..e357c32 --- /dev/null +++ b/data/Python/tools/0001-zap-api-python.json 
@@ -0,0 +1,7 @@ +{ + "date":"2015-05-29", + "free": true, + "name": "zaproxy/zap-api-python", + "remark": "The Python implementation to access the OWASP ZAP API. For more information about OWASP ZAP consult the (main) OWASP ZAP project.", + "url": "https://github.com/zaproxy/zap-api-python" +} diff --git a/data/Ruby/source-code-analysis/0001-rubocop.json b/data/Ruby/source-code-analysis/0001-rubocop.json new file mode 100644 index 0000000..0b586cb --- /dev/null +++ b/data/Ruby/source-code-analysis/0001-rubocop.json @@ -0,0 +1,7 @@ +{ + "date": "2012-05-03", + "free": true, + "name": "rubocop-hq/rubocop", + "remark": "A Ruby static code analyzer and formatter, based on the community Ruby style guide.", + "url": "https://github.com/rubocop-hq/rubocop" +} diff --git a/data/Ruby/source-code-analysis/0002-brakeman.json b/data/Ruby/source-code-analysis/0002-brakeman.json new file mode 100644 index 0000000..065b366 --- /dev/null +++ b/data/Ruby/source-code-analysis/0002-brakeman.json @@ -0,0 +1,7 @@ +{ + "date": "2014-02-10", + "free": true, + "name": "presidentbeef/brakeman", + "remark": "A static analysis security vulnerability scanner for Ruby on Rails applications.", + "url": "https://github.com/presidentbeef/brakeman" +} diff --git a/data/Ruby/source-code-analysis/0003-bundler-audit.json b/data/Ruby/source-code-analysis/0003-bundler-audit.json new file mode 100644 index 0000000..0ca71f9 --- /dev/null +++ b/data/Ruby/source-code-analysis/0003-bundler-audit.json @@ -0,0 +1,7 @@ +{ + "date": "2013-02-12", + "free": true, + "name": "rubysec/bundler-audit", + "remark": "Patch-level verification for Bundler.", + "url": "https://github.com/rubysec/bundler-audit" +} diff --git a/data/elixir/source-code-analysis/0001-credo.json b/data/elixir/source-code-analysis/0001-credo.json new file mode 100644 index 0000000..4d8effc --- /dev/null +++ b/data/elixir/source-code-analysis/0001-credo.json 
@@ -0,0 +1,7 @@ +{ + "date": "2015-11-24", + "free": true, + "name": "rrrene/credo", + "remark": "Credo is a static code analysis tool for the Elixir language with a focus on teaching and code consistency.", + "url": "https://github.com/rrrene/credo" +} diff --git a/data/elixir/source-code-analysis/0002-sobelow.json b/data/elixir/source-code-analysis/0002-sobelow.json new file mode 100644 index 0000000..ca94311 --- /dev/null +++ b/data/elixir/source-code-analysis/0002-sobelow.json @@ -0,0 +1,7 @@ +{ + "date": "2017-05-12", + "free": true, + "name": "nccgroup/sobelow", + "remark": "Security-focused static analysis for the Phoenix framework.", + "url": "https://github.com/nccgroup/sobelow" +}
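Review bot: The replacement NodeGoat entry (README hunk `@@ -406,6 +430,70 @@` and the new `data/01-full-stack/Open-Web-Application-Security-Project/0002-nodegoat.json`) drops the three links the removed Websites entry carried: the tutorials, the "security regression testing with the OWASP Zap API" wiki page and the Docker image. Those are the most actionable part of the entry for a reader who wants to run NodeGoat, and the ZAP regression-test link is exactly what the new ZAP API wiki entry and the zap-api-* client entries in this patch point toward, so consider appending them to the new remark rather than losing them with the deletion of `0012-nodegoat.json`.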
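Review bot: Typo "real-time analys" (should be "analysis") in the ModSecurity remark, which appears both in the README hunk `@@ -406,6 +430,70 @@` and in `0006-modsecurity.json`; since the README is generated from the data files, fix it in the JSON so the next regeneration does not reintroduce it. Separately, the same remark states that ModSecurity is developed by Trustwave's SpiderLabs, so it sits oddly under the "Open Web Application Security Project" heading; only the Core Rule Set is an OWASP project. A "Web application firewalls" subsection under "Full stack" would describe both entries more accurately.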
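Review bot: Grammar in the ZAP remark (README hunk `@@ -406,6 +430,70 @@` and `0009-zaproxy.json`): "Its also a great tool" should be "It's also a great tool", and the curly apostrophe in "world’s" should be a plain ASCII apostrophe to match the other data files.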
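Review bot: None of the eight new files under `data/01-full-stack/Open-Web-Application-Security-Project/` (`0002-nodegoat.json` through `0009-zaproxy.json`) carries a `"free"` key, while every other data file added in this patch sets `"free": true`. The deleted `0010-juice-shop.json` also lacked the key and rendered without the nonfree badge, so the generator probably tolerates its absence, but the inconsistency makes it impossible to tell "unknown" from "free" when reading the data. Suggest adding `"free": true` to each of the eight files.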
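Review bot: Section placement in the Java, Python and Ruby hunks: `jeremylong/DependencyCheck` ("detects publicly disclosed vulnerabilities in application dependencies"), `pyupio/safety` ("checks your installed dependencies") and `rubysec/bundler-audit` ("Patch-level verification for Bundler") are dependency or software-composition scanners, not source-code analyzers, and DependencyCheck's own remark calls it a composition analysis utility that is not Java-specific. A "Dependency analysis" subsection beside "Source code analysis" would let readers find them. In the same vein, `rubocop-hq/rubocop` and `rrrene/credo` are described as style and consistency linters with no security focus; either note that in the remark (for example, "not security-specific; commonly run alongside brakeman/sobelow") or keep the section to security-focused tools.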
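Review bot: Grammar in `0002-find-sec-bugs.json` and the corresponding README line in hunk `@@ -478,6 +566,28 @@`: "(Also work with Kotlin, Groovy and Scala projects)" should read "(Also works with Kotlin, Groovy and Scala projects)".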
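Review bot: Formatting in the three ZAP client data files, `data/Java/tools/0001-zap-api-java.json`, `data/Node.js/tools/0001-zap-api-nodejs.json` and `data/Python/tools/0001-zap-api-python.json`: the line `"date":"2016-06-03",` (and its Node.js and Python counterparts) omits the space after the colon that every other data file in this patch uses (`"date": "2015-02-17",`). Harmless to a JSON parser, but worth normalising so a formatter or a later diff does not churn these files.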
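Review bot: The new Elixir data directory is lowercase (`data/elixir/source-code-analysis/`) while the existing language directories are capitalised (`data/C/`, `data/Java/`, `data/Node.js/`, `data/Python/`, `data/Ruby/`). If the generator derives headings or ordering from directory names, this entry will sort and possibly render differently from the `# Elixir` heading shown in the README hunk; rename to `data/Elixir/` for consistency.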
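Review bot: In the Fedora Defensive Coding hunks (`@@ -426,9 +514,9 @@` in the README and `data/C/books-and-ebooks/0002-fedora-defensive-coding.json`), the README previously showed "July 30, 2018" while the data file said `"2012"`, so the two were already out of sync before this change; the patch aligns both on `2013-03-07`, which is good, but the earlier drift suggests the README was edited by hand at some point. Consider regenerating the README from the data files as part of this change (or in CI) rather than editing both sides manually, so the TOC and the per-entry "Released" lines cannot diverge again.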
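Review bot: The ServerlessGoat remark in `0005-serverless-goat.json` (replacing the deleted `0013-serverlessgoat.json`) correctly drops the old copy-paste slip "You can install WebGoat", but it also loses the attribution to PureSec and the sentence noting that the project ships documentation explaining each issue and how to remediate it. The remediation-docs point is the main reason a developer would pick this over another goat, so suggest keeping "created by [PureSec](https://www.puresec.io/). The project also includes documentation explaining the issues and how they should be remediated with best-practices." in the new remark; this also ties the entry to the PureSec FunctionShield item added under "AWS Lambda" in the same README hunk.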