A very basic fuzzer that replicates the "sniper" functionality in Burp. WhatTheFuzz needs a source of invalid values. You can create one by adding a bunch of test cases to a text file (one per line), or I suggest you use FuzzDB, a great resource for that kind of thing. BSD License.
This is an ultra-basic WebSockets demo that builds chatroom-like functionality for demonstration in ILT. It includes no security features (such as AuthN/AuthZ), and some of the basic security features have been commented out for demonstration purposes (the more secure lines are just above). Originally forked from https://github.com/heroku-examples/ruby-websockets-chat-demo but heavily modified (and made more insecure for demo purposes).
YASAT (Yet Another Static Analysis Tool) is a very basic static analysis tool. Really, it's less about static analysis and more about running a group of regular expressions on a code base and generating a report on the resulting matches.