Free and Open Source, Distributed, RESTful Search Engine

Everything you need to know to get the job.

Graphs for Everyone

The ZAP by Checkmarx Core project

Official repository of Trino, the distributed SQL query engine for big data, formerly known as PrestoSQL (https://trino.io)

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.

Modern Java decompiler aiming to be as accurate as possible, with an emphasis on output quality. Fork of the Fernflower decompiler.

HackBar plugin for Burpsuite

completely ridiculous API (crAPI)

Spring Boot web application vulnerable to Log4Shell (CVE-2021-44228).

Automatically identify deserialisation issues in Java and .NET applications by using active and passive scans

🐘 SonarPHP: PHP static analyzer for SonarQube & SonarLint

Microservices Security in Action Book Samples

An automated tool for the detection of regexes' slow-matching vulnerabilities.

Google App Engine - Remote Code Execution bug ($36k bug bounty)

Instrumentation framework for Node.js compliant to ECMAScript 2020 based on GraalVM.

Exploit PoC for Spring RCE issue (CVE-2011-2894)

PHP Unserialize Check - Burp Scanner Extension