Minimalist cheat sheet for developpers to write secure code
☆54Jul 17, 2020Updated 5 years ago
Alternatives and similar repositories for security-cheat-sheet
Users that are interested in security-cheat-sheet are comparing it to the libraries listed below
Sorting:
- Burp and ZAP plugin that display image metadata (JPEG Exif or PNG text chunk).☆15Apr 15, 2023Updated 2 years ago
- Accompanying material needed for the workshop☆11Jun 14, 2023Updated 2 years ago
- ☆20Jan 12, 2022Updated 4 years ago
- Material from presentations done by GoSecure researchers☆34Oct 10, 2023Updated 2 years ago
- References, tools and sample payloads☆11Sep 16, 2016Updated 9 years ago
- Workshop given at Hack in Paris 2019☆126Jun 8, 2023Updated 2 years ago
- Identify vulnerable libraries in Maven dependencies☆46Dec 14, 2022Updated 3 years ago
- ☆16Oct 30, 2022Updated 3 years ago
- source code audit tool☆49May 9, 2021Updated 4 years ago
- FxCop rules that aim to help security audit on .NET applications.☆14Nov 10, 2017Updated 8 years ago
- Carve Windows Prefetch files from arbitrary binary data☆16Jun 11, 2017Updated 8 years ago
- Repository to showcase various configuration recipes with various technologies☆36Dec 16, 2022Updated 3 years ago
- psychoPATH - hunting file uploads & LFI in the dark. This tool is a customisable payload generator designed for blindly detecting LFI & w…☆19Jun 28, 2018Updated 7 years ago
- Standardizing Security Titles☆13Dec 31, 2025Updated 2 months ago
- A proof of concept that demonstrates asynchronous scanning for Java deserialization bugs☆55Mar 27, 2017Updated 8 years ago
- Portable utility to check if a machine has been infected by Shamoon2☆15Jan 13, 2017Updated 9 years ago
- splunk_pentest_app☆50Apr 22, 2016Updated 9 years ago
- Collection of my slide decks, conference videos and research white papers☆27Sep 23, 2025Updated 5 months ago
- A Collection of Proof of Concepts for non-published Web Exploits and Common CVEs☆10Nov 29, 2020Updated 5 years ago
- Rapid Assessment of Web Resources☆19Nov 11, 2016Updated 9 years ago
- DO NOT RUN THIS.☆10Jul 15, 2021Updated 4 years ago
- ☆90Sep 7, 2018Updated 7 years ago
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆47Mar 22, 2017Updated 8 years ago
- ☆12Mar 31, 2021Updated 4 years ago
- Collection of Some Good research Documentation☆27Dec 10, 2017Updated 8 years ago
- My notes of Day1 Day2 will be posted here as journey☆17Jan 6, 2021Updated 5 years ago
- CTF(x) 2016 problem statements, files, and writeups☆16Jan 30, 2019Updated 7 years ago
- PrOfESSOS is our open source implementation for fully automated Evaluation-as-a-Service for SSO. PrOfESSOS introduces a generic approach …☆29Jan 8, 2023Updated 3 years ago
- A collection of scripts that I've written while pentesting.☆31Aug 3, 2018Updated 7 years ago
- A collection of XSS Attack vectors☆10Apr 26, 2025Updated 10 months ago
- Discord bot to display events and information about a CTFd instance (https://ctfd.io/)☆11Jul 9, 2024Updated last year
- Automated Reverse TCP tunneling using a digitalocean instance and aploium's shootback repo (https://github.com/aploium/shootback)☆13Oct 30, 2018Updated 7 years ago
- ☆11Jul 28, 2020Updated 5 years ago
- Contains all my research and content produced regarding the log4shell vulnerability☆31Jan 22, 2022Updated 4 years ago
- Presentation Slides☆26Jun 7, 2019Updated 6 years ago
- Burp and ZAP plugin to analyse Content-Security-Policy headers or generate template CSP configuration from crawling a Website☆141Apr 29, 2020Updated 5 years ago
- A deliberately vulnerable modern day app with lots of DOM related bugs☆35May 19, 2019Updated 6 years ago
- ☆11Jan 24, 2023Updated 3 years ago
- A CLI that utilizes Okta IdP via SAML to acquire temporary AWS credentials☆10Jun 30, 2021Updated 4 years ago