Skip to content
View inkz's full-sized avatar
25 followers · 1 following

Achievements

Achievement: Pair Extraordinairex3Achievement: QuickdrawAchievement: YOLOAchievement: Pull Sharkx3Achievement: Public SponsorAchievement: Arctic Code Vault Contributor

Achievements

Achievement: Pair Extraordinairex3Achievement: QuickdrawAchievement: YOLOAchievement: Pull Sharkx3Achievement: Public SponsorAchievement: Arctic Code Vault Contributor

Highlights

Organizations

@semgrep @try-it-out

Block or report inkz

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don't include any personal information such as legal names or email addresses. Markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse

Stars

Showing results

goldbergyoni / nodebestpractices

✅ The Node.js best practices list (July 2024)

Dockerfile 105,181 10,705 Updated Apr 15, 2025

swisskyrepo / PayloadsAllTheThings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Python 76,531 16,807 Updated Mar 16, 2026

mitmproxy / mitmproxy

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

Python 42,909 4,502 Updated Mar 24, 2026

semgrep / semgrep

Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.

OCaml 14,625 900 Updated Apr 1, 2026

devicons / devicon

Set of icons representing programming languages, designing & development tools

CSS 11,543 2,444 Updated Mar 29, 2026

HackTricks-wiki / hacktricks

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

CSS 11,111 3,035 Updated Apr 1, 2026

alufers / mitmproxy2swagger

Automagically reverse-engineer REST APIs via capturing traffic

HTML 9,303 347 Updated Mar 16, 2026

OWASP / wstg

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

9,010 1,582 Updated Apr 1, 2026

bloomrpc / bloomrpc

Former GUI client for gRPC services. No longer maintained.

TypeScript 9,006 470 Updated Jan 4, 2023

LOLBAS-Project / LOLBAS

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

XSLT 8,414 1,121 Updated Mar 16, 2026

streaak / keyhacks

Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

6,134 1,201 Updated Aug 14, 2024

mixn / carbon-now-cli

🎨 Beautiful images of your code — from right inside your terminal.

TypeScript 5,998 127 Updated Nov 14, 2025

google / security-research

This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-Google owned code.

C 4,403 523 Updated Mar 31, 2026

jaredpalmer / after.js

Next.js-like framework for server-rendered React apps built with React Router

TypeScript 4,113 197 Updated Feb 26, 2024

zizmorcore / zizmor

Static analysis for GitHub Actions

Rust 3,984 155 Updated Apr 1, 2026

rhysd / actionlint

:octocat: Static checker for GitHub Actions workflow files

Go 3,740 207 Updated Mar 31, 2026

Bo0oM / fuzz.txt

Potentially dangerous files

3,288 529 Updated Aug 25, 2025

jehna / humanify

Deobfuscate Javascript code using ChatGPT

TypeScript 3,148 198 Updated Feb 2, 2026

lirantal / awesome-nodejs-security

Awesome Node.js Security resources

2,987 277 Updated Apr 1, 2026

microsoft / restler-fuzzer

RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services.

Python 2,887 324 Updated Mar 18, 2026

googleprojectzero / fuzzilli

A JavaScript Engine Fuzzer

Swift 2,172 360 Updated Mar 30, 2026

BishopFox / jsluice

Extract URLs, paths, secrets, and other interesting bits from JavaScript

Go 1,786 136 Updated May 22, 2024

tomnomnom / meg

Fetch many paths for many hosts - without killing the hosts

Go 1,711 267 Updated Feb 3, 2024

BlackFan / client-side-prototype-pollution

Prototype Pollution and useful Script Gadgets

1,605 220 Updated Jan 27, 2024

google / firing-range

Java 1,410 235 Updated Nov 13, 2020

tadwhitaker / Security_Engineer_Interview_Questions

Every Security Engineer Interview Question From Glassdoor.com

1,257 224 Updated Mar 2, 2024

Simpsonpt / AppSecEzine

AppSec Ezine Public Repository.

1,218 107 Updated Nov 14, 2025

httpvoid / writeups

1,202 177 Updated Sep 2, 2022

semgrep / semgrep-rules

Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.

HCL 1,115 513 Updated Apr 1, 2026

appsecco / breaking-and-pwning-apps-and-servers-aws-azure-training

Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!

CSS 950 258 Updated Nov 26, 2022
Next