Sanitizer for OpenType

A collection of my Semgrep rules to facilitate vulnerability research.

XS-Leak Browser Test Suite

Tutorials, examples, discussions, research proposals, and other resources related to fuzzing

A simple system to turn an ESP8266 or ESP32 into an SPI memory flasher

A utility to download Chrome extensions as CRX or ZIP.

Damn Vulnerable Web Application (DVWA)

Fuzzing Browsers

Flipper Zero firmware source code

Everything about Web Application Firewalls (WAFs) from Security Standpoint! 🔥

Check your WAF before an attacker does

Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.

Coverage-guided, in-process fuzzing for Node.js

The Bug Hunters Methodology

Go/gRPC service designed to enable generic rate limit scenarios from different types of applications.

jsluice++ is a Burp Suite extension designed for passive and active scanning of JavaScript traffic using the CLI tool jsluice

Mirror of BoringSSL

Presentation Slides for Developers

A lightweight command-line tool that spins up a local web server to display Git commit diffs in a GitHub-like Files changed view

Endo is a distributed secure JavaScript sandbox, based on SES

information gathering

Roo Code gives you a whole dev team of AI agents in your code editor.

A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀

A complete table of results of types comparison in multiple languages

A robust quine program that works even after any one character is deleted.