Read-only developer endpoint scanner for on-disk package, extension, and developer-tool metadata, built to check exposure to known software supply-chain compromises.

Claude Code plugins and Codex skills from Calif.io for AI-assisted security research and code auditing

🐛 A tool that can speed up linting of php files by running several lint processes at once.

Find unused and duplicated definitions easily – without running Behat tests

This tool check syntax of PHP files faster than serial check with fancier output.

Give each AI agent its own isolated machine with root, Docker, and systemd. Active defense detects and stops threats automatically..

🔬 A Ruby library for carefully refactoring critical paths.

vacuum is the worlds fastest and most versatile OpenAPI, AsyncAPI & JSON Schema linter, docs generator and toolkit. It tears through API specs at light speed. 100% compatible with Spectral rulesets…

Copy Fail (CVE-2026-31431): 9-year-old Linux kernel LPE found by Theori's Xint Code

Adds strong typing to return types of the official AWS SDK for PHP

Get error count for each PHPStan level

OpenFeature specification

OpenAPI - Getting started, and the specification explained

🔠 Tool for generation samples based on OpenAPI(fka Swagger) payload/response schema

Scan your dev machine for AI agents, MCP servers, IDE extensions, and suspicious packages - in seconds.

Google Calendar RAT is a PoC of Command&Control over Google Calendar Events

Static analysis for GitHub Actions

Generate CloudFormation / Terraform / Troposphere templates from your existing AWS resources.

A statistical monte-carlo roadmapping tool for Jira.

Shannon Lite is an autonomous, white-box AI pentester for web applications and APIs. It analyzes your source code, identifies attack vectors, and executes real exploits to prove vulnerabilities bef…

Psalm Plugin for Symfony

More than 200 powerful ESLint rules

🔌 An ESLint plugin to prevent TODO comments with expired dates.

PoC

PHP Mutation Testing library

The Best Node.js Tool for Automatically Generating API Documentation from Test Code

Learn and Master Node.js. V8, libuv, event loop, buffers, streams, async internals, performance, security, deployment, and production architecture.

Ora2Pg is a free tool used to migrate an Oracle database to a PostgreSQL compatible schema. It connects your Oracle database, scan it automatically and extracts its structure or data, it then gener…

Extra strict and opinionated psr/log (psr-3) rules for PHPStan

Prometheus-based Kubernetes Resource Recommendations