A proposed standard that allows websites to define security policies.

Explains how to create a security.txt for your site

I think it’s relatively well known among people I talk with that blurring text isnt effective at preventing people from finding out what it said. But do they know this is also true of pixalization?

Ahmia is the search engine for .onion domains on the Tor anonymity network. It is led by Juha Nurmi and is based in Finland. This repository contains crawlers used by Ahmia search engine.

Most HTTP vulnerabilities don’t come from sophisticated attacks. They come from misunderstanding where your framework stops protecting you. This covers the edge cases that actually bite production APIs: Range headers, path traversal, encoding conflicts, and request smuggling

これ、ブラウザーフィンガープリントを全て同一にする機能があるprivacy系ブラウザのmullvad browserがとばっちりを喰らいそうで怖いな

Open Source User Authentication. Build fast, maintain control, with reasonable pricing.

All-in-one OSINT tool, for quickly checking a websites data

Quickly and easily assess the security of your HTTP response headers

This guide covers the basics of hardening a new Linux virtual machine when you’d rather be doing something else.

applies a small electric shock every time you visit a website served over plain HTTP without TLS

Multipurpose converter and generator. Can directly send generated results to any url.

A collection of thoughts from a maintainer of the Public Suffix List (PSL) about the importance of avoiding new Web Platform features, security, or privacy boundaries assuming the PSL is a good starting point.