OWASP Non-Human Identities Top 10

select * from logs; Tailpipe is an open source SIEM for instant log insights, powered by DuckDB. Analyze millions of events in seconds, right from your terminal.

View HTTP/HTTPS requests made by any Linux program

React components for efficiently rendering large lists and tabular data

☁️ Live reload for Go apps

To check ip address risk and proxy usage using ip address check services

Path traversal in Ollama with rogue registry server

A tool for encouraging the installation of macOS security updates.

Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

This repository has the JSON file required to perform user enumeration on various websites.

Asset inventory of over 800 public bug bounty programs.

Fast passive subdomain enumeration tool.

In-depth attack surface mapping and asset discovery

The Bug Hunters Methodology

AI-based Pull Request Summarizer and Reviewer with Chat Capabilities.

🔰 SECCON Beginners CTF 2024 Satoki問 Writeups

バーチャル背景が適用された動画から部屋の背景画像を復元する

🔰 SECCON Beginners CTF 2023 Satoki問 Writeups

Exploit for CVE-2023-3460. Unauthorized admin access for Ultimate Member plugin < v2.6.7

Burp Plugin to Bypass WAFs through the insertion of Junk Data

🕵️‍♂️ Offensive Google framework.

A basic guideline on implementing auth for the web

Some notes about Hydra for bruteforcing

Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats they face. #nolockdown

A collection of GPT system prompts and various prompt injection/leaking knowledge.

『Webブラウザセキュリティ ― Webアプリケーションの安全性を支える仕組みを整理する』サンプルコード

🐍 A toolkit for testing, tweaking and cracking JSON Web Tokens

Get aware of any activities that are taking place on your dashboard! Imagine it like a black-box for your WordPress site.

🦄🔒 Awesome list of secrets in environment variables 🖥️