Stars
🗂 Knowledge Base on the Security of Chromium Extensions (https://extensions.neplox.security)
A collection of smart contract vulnerabilities along with prevention methods
The Web3 Security Resources Hub is a comprehensive collection of curated tools, guides, and best practices for securing decentralized systems and smart contracts in the blockchain space.
Extracts function selectors, arguments, state mutability and storage layout from EVM bytecode, even for unverified contracts
Realtime log viewer for containers. Supports Docker, Swarm and K8s.
📄 [Talk] OFFZONE 2022 / ODS Data Halloween 2022: Black-box attacks on ML models + with use of open-source tools
A fast tool, written in Go, to scan for CRLF vulnerabilities
Android Reverse-Engineering Workbench for VS Code
serverless ⚡ framework plugin for golang lambdas
Bundle of wordlists for brute-forcing subdomains (World + RUSSIA based).
Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned entries.
This repository contains some of the most exhaustive wordlists for enumeration, gathered from a lot of wordlists available on the Internet.
Secure tunnel that helps you protect your TCP traffic between your machine and your remote service.
Restish is a CLI for interacting with REST-ish HTTP APIs with some nice features built-in
Dumpling is a fast, easy-to-use tool written in Go for dumping data from the database (MySQL, TiDB...) to local/cloud (S3, GCP...) in multifarious formats (SQL, CSV...).
OWASP Web Application Security Testing Checklist
High speed/Low cost CommonCrawl RegExp in Node.js
40X/HTTP bypasser in Go. Features: Verb tampering, headers, #bugbountytips, User-Agents, extensions, default credentials...
A curated list of awesome blogs and tools about HTTP request smuggling attacks. Feel free to contribute! 🍻
RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services.
Contraband filtering reverse proxy for plain HTTP and SSL.
Deadshot is a GitHub pull request scanner to identify sensitive data being committed to a repository