Skip to content
View inkz's full-sized avatar
24 followers · 1 following

Achievements

Achievement: Pair Extraordinairex3Achievement: QuickdrawAchievement: YOLOAchievement: Pull Sharkx3Achievement: Public SponsorAchievement: Arctic Code Vault Contributor

Achievements

Achievement: Pair Extraordinairex3Achievement: QuickdrawAchievement: YOLOAchievement: Pull Sharkx3Achievement: Public SponsorAchievement: Arctic Code Vault Contributor

Highlights

Organizations

@semgrep @try-it-out

Block or report inkz

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse

Stars

Showing results

goldbergyoni / nodebestpractices

✅ The Node.js best practices list (July 2024)

Dockerfile 105,211 10,718 Updated Apr 15, 2025

swisskyrepo / PayloadsAllTheThings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Python 76,980 16,860 Updated Apr 18, 2026

mitmproxy / mitmproxy

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

Python 43,168 4,519 Updated Apr 13, 2026

semgrep / semgrep

Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.

OCaml 14,841 914 Updated Apr 17, 2026

devicons / devicon

Set of icons representing programming languages, designing & development tools

CSS 11,573 2,450 Updated Apr 2, 2026

HackTricks-wiki / hacktricks

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

CSS 11,188 3,055 Updated Apr 18, 2026

alufers / mitmproxy2swagger

Automagically reverse-engineer REST APIs via capturing traffic

HTML 9,398 354 Updated Apr 13, 2026

OWASP / wstg

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

9,092 1,583 Updated Apr 17, 2026

bloomrpc / bloomrpc

Former GUI client for gRPC services. No longer maintained.

TypeScript 9,007 471 Updated Jan 4, 2023

LOLBAS-Project / LOLBAS

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

XSLT 8,465 1,126 Updated Mar 16, 2026

streaak / keyhacks

Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

6,171 1,215 Updated Aug 14, 2024

mixn / carbon-now-cli

🎨 Beautiful images of your code — from right inside your terminal.

TypeScript 6,011 126 Updated Nov 14, 2025

google / security-research

This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-Google owned code.

C 4,415 530 Updated Apr 15, 2026

zizmorcore / zizmor

Static analysis for GitHub Actions

Rust 4,209 170 Updated Apr 18, 2026

jaredpalmer / after.js

Next.js-like framework for server-rendered React apps built with React Router

TypeScript 4,108 196 Updated Feb 26, 2024

rhysd / actionlint

:octocat: Static checker for GitHub Actions workflow files

Go 3,795 213 Updated Apr 2, 2026

Bo0oM / fuzz.txt

Potentially dangerous files

3,292 529 Updated Aug 25, 2025

jehna / humanify

Deobfuscate Javascript code using ChatGPT

TypeScript 3,154 198 Updated Feb 2, 2026

lirantal / awesome-nodejs-security

Awesome Node.js Security resources

2,995 279 Updated Apr 17, 2026

microsoft / restler-fuzzer

RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services.

Python 2,895 324 Updated Apr 15, 2026

googleprojectzero / fuzzilli

A JavaScript Engine Fuzzer

Swift 2,181 360 Updated Apr 8, 2026

BishopFox / jsluice

Extract URLs, paths, secrets, and other interesting bits from JavaScript

Go 1,815 137 Updated May 22, 2024

tomnomnom / meg

Fetch many paths for many hosts - without killing the hosts

Go 1,714 268 Updated Feb 3, 2024

BlackFan / client-side-prototype-pollution

Prototype Pollution and useful Script Gadgets

1,612 222 Updated Jan 27, 2024

google / firing-range

Java 1,410 235 Updated Nov 13, 2020

tadwhitaker / Security_Engineer_Interview_Questions

Every Security Engineer Interview Question From Glassdoor.com

1,258 224 Updated Mar 2, 2024

Simpsonpt / AppSecEzine

AppSec Ezine Public Repository.

1,218 107 Updated Nov 14, 2025

httpvoid / writeups

1,202 176 Updated Sep 2, 2022

semgrep / semgrep-rules

Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.

HCL 1,133 521 Updated Apr 18, 2026

appsecco / breaking-and-pwning-apps-and-servers-aws-azure-training

Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!

CSS 951 256 Updated Nov 26, 2022
Next