#
Lists (2)
Starred repositories
A web browser with dynamic data-flow tracking enabled in the Javascript engine and DOM, based on Mozilla Firefox (https://github.com/mozilla/gecko-dev). It can be used to identify insecure data flo…
luax is a Lua interpreter and REPL based on Lua 5.4, augmented with some useful packages. It is also a "compiler" that produces standalone executables from Lua scripts.
GitHub Action that will get a scoped short lived token for Actions workflows using a GitHub Application.
.NET is a cross-platform runtime for cloud, mobile, desktop, and IoT apps.
APIDetector: Efficiently scan for exposed Swagger endpoints across web domains and subdomains. Supports HTTP/HTTPS, multi-threading, and flexible input/output options. Ideal for API security testing.
A library and language for building parsers, interpreters, compilers, etc.
🔐CNCF Security Technical Advisory Group -- secure access, policy control, privacy, auditing, explainability and more!
Arsenal is just a quick inventory and launcher for hacking programs
A browser API to prevent DOM-Based Cross Site Scripting in modern web applications.
A curated list of GPT agents for cybersecurity
Your friendliest open source all-in-one automation tool ✨ Workflow automation tool 200+ integration / Enterprise automation tool / Zapier Alternative
A tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.
An automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for vulnerabilities.
AttackGen is a cybersecurity incident response testing tool that leverages the power of large language models and the comprehensive MITRE ATT&CK framework. The tool generates tailored incident resp…
Deserialization payload generator for a variety of .NET formatters
BChecks collection for Burp Suite Professional and Burp Suite Enterprise Edition
Firefox extension for managing tabs and bookmarks in sidebar.
ATHI — An AI Threat Modeling Framework for Policymakers
🐙 Guides, papers, lecture, notebooks and resources for prompt engineering
Dropbox LLM Security research code and results
Find way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan & VirusTotal!
An open-source collection of API key rotation tutorials.
Nextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrix
Streamline vulnerability patching with CVSS, EPSS, and CISA's Known Exploited Vulnerabilities. Prioritize actions based on real-time threat information, gain a competitive advantage, and stay infor…
Manager of third-party sources of Semgrep rules 🗂
Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets
