Skip to content
View inkz's full-sized avatar
24 followers · 1 following

Achievements

Achievement: Pair Extraordinairex3Achievement: QuickdrawAchievement: YOLOAchievement: Pull Sharkx3Achievement: Public SponsorAchievement: Arctic Code Vault Contributor

Achievements

Achievement: Pair Extraordinairex3Achievement: QuickdrawAchievement: YOLOAchievement: Pull Sharkx3Achievement: Public SponsorAchievement: Arctic Code Vault Contributor

Highlights

Organizations

@semgrep @try-it-out

Block or report inkz

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse

Stars

Showing results

goldbergyoni / nodebestpractices

✅ The Node.js best practices list (July 2024)

Dockerfile 105,176 10,713 Updated Apr 15, 2025

swisskyrepo / PayloadsAllTheThings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Python 76,867 16,841 Updated Apr 8, 2026

mitmproxy / mitmproxy

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

Python 43,067 4,514 Updated Apr 13, 2026

semgrep / semgrep

Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.

OCaml 14,786 911 Updated Apr 13, 2026

devicons / devicon

Set of icons representing programming languages, designing & development tools

CSS 11,567 2,446 Updated Apr 2, 2026

HackTricks-wiki / hacktricks

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

CSS 11,161 3,050 Updated Apr 13, 2026

alufers / mitmproxy2swagger

Automagically reverse-engineer REST APIs via capturing traffic

HTML 9,348 348 Updated Apr 13, 2026

OWASP / wstg

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

9,078 1,581 Updated Apr 13, 2026

bloomrpc / bloomrpc

Former GUI client for gRPC services. No longer maintained.

TypeScript 9,007 470 Updated Jan 4, 2023

LOLBAS-Project / LOLBAS

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

XSLT 8,444 1,124 Updated Mar 16, 2026

streaak / keyhacks

Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

6,159 1,211 Updated Aug 14, 2024

mixn / carbon-now-cli

🎨 Beautiful images of your code — from right inside your terminal.

TypeScript 6,005 126 Updated Nov 14, 2025

google / security-research

This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-Google owned code.

C 4,412 527 Updated Apr 10, 2026

zizmorcore / zizmor

Static analysis for GitHub Actions

Rust 4,162 165 Updated Apr 13, 2026

jaredpalmer / after.js

Next.js-like framework for server-rendered React apps built with React Router

TypeScript 4,107 196 Updated Feb 26, 2024

rhysd / actionlint

:octocat: Static checker for GitHub Actions workflow files

Go 3,783 211 Updated Apr 2, 2026

Bo0oM / fuzz.txt

Potentially dangerous files

3,292 529 Updated Aug 25, 2025

jehna / humanify

Deobfuscate Javascript code using ChatGPT

TypeScript 3,151 199 Updated Feb 2, 2026

lirantal / awesome-nodejs-security

Awesome Node.js Security resources

2,991 278 Updated Apr 3, 2026

microsoft / restler-fuzzer

RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services.

Python 2,893 324 Updated Mar 18, 2026

googleprojectzero / fuzzilli

A JavaScript Engine Fuzzer

Swift 2,175 359 Updated Apr 8, 2026

BishopFox / jsluice

Extract URLs, paths, secrets, and other interesting bits from JavaScript

Go 1,812 137 Updated May 22, 2024

tomnomnom / meg

Fetch many paths for many hosts - without killing the hosts

Go 1,714 268 Updated Feb 3, 2024

BlackFan / client-side-prototype-pollution

Prototype Pollution and useful Script Gadgets

1,607 221 Updated Jan 27, 2024

google / firing-range

Java 1,410 235 Updated Nov 13, 2020

tadwhitaker / Security_Engineer_Interview_Questions

Every Security Engineer Interview Question From Glassdoor.com

1,257 224 Updated Mar 2, 2024

Simpsonpt / AppSecEzine

AppSec Ezine Public Repository.

1,218 107 Updated Nov 14, 2025

httpvoid / writeups

1,202 176 Updated Sep 2, 2022

semgrep / semgrep-rules

Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.

HCL 1,125 518 Updated Apr 13, 2026

appsecco / breaking-and-pwning-apps-and-servers-aws-azure-training

Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!

CSS 951 257 Updated Nov 26, 2022
Next