MaTTeo's starred repositories

protobom

A universal SBOM representation in protocol buffers

Language: Go | License: Apache-2.0 | Stargazers: 235 | Issues: 0

TaaC-AI

AI-driven Threat modeling-as-a-Code (TaaC-AI)

Language: HTML | Stargazers: 86 | Issues: 0

security-champions-playbook

Security Champions Playbook v 2.1

Stargazers: 330 | Issues: 0

DeFiHackLabs

Reproduce DeFi hacked incidents using Foundry.

Language: Solidity | Stargazers: 4963 | Issues: 0

ASVS

Application Security Verification Standard

Language: HTML | License: CC-BY-SA-4.0 | Stargazers: 2600 | Issues: 0

js-x-ray

JavaScript & Node.js open-source SAST scanner. A static analyser for detecting most common malicious patterns 🔬.

Language: JavaScript | License: MIT | Stargazers: 215 | Issues: 0

Application-Security-Engineer-Interview-Questions

Some of the questions which I was asked when I was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but I felt these questions were important to be asked and some were challenging to answer.

Stargazers: 620 | Issues: 0

container-security-checklist

Checklist for container security - devsecops practices

License: Apache-2.0 | Stargazers: 1492 | Issues: 0

combobulator

Dependency Combobulator

Language: Python | License: Apache-2.0 | Stargazers: 85 | Issues: 0

dependency-track

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Language: Java | License: Apache-2.0 | Stargazers: 2441 | Issues: 0

threat-dragon

An open source threat modeling tool from OWASP

Language: JavaScript | License: Apache-2.0 | Stargazers: 842 | Issues: 0

sonar-cnes-report

Generates analysis reports from SonarQube web API.

Language: Java | License: GPL-3.0 | Stargazers: 420 | Issues: 0

awesome-secret

Curated list of Secret Network resources, both official and unofficial

Stargazers: 82 | Issues: 0

awesome-threat-modelling

A curated list of threat modeling resources (books, courses - free and paid, videos, tools, tutorials and workshops to practice on) for learning threat modeling and the initial phases of security review.

Language: Dockerfile | License: CC0-1.0 | Stargazers: 1306 | Issues: 0

threat-matrix-cicd

Threat matrix for CI/CD Pipeline

Stargazers: 718 | Issues: 0

GOATCasino

This is an intentionally vulnerable smart contract truffle deployment aimed at allowing those interested in smart contract security to exploit a wide variety of issues in a safe environment.

Language: JavaScript | License: MIT | Stargazers: 112 | Issues: 0

dasp

The Decentralized Application Security Project

Language: HTML | Stargazers: 235 | Issues: 0

kics

Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.

Language: Open Policy Agent | License: Apache-2.0 | Stargazers: 1970 | Issues: 0

specs

Technical specifications for the libp2p networking stack

Stargazers: 1517 | Issues: 0

ion

The Identity Overlay Network (ION) is a DID Method implementation using the Sidetree protocol atop Bitcoin

Language: HTML | License: Apache-2.0 | Stargazers: 1229 | Issues: 0

hugo-future-imperfect-slim

Multilingual Blogging Theme for Hugo | Check the Wiki for Documentation

Language: JavaScript | License: NOASSERTION | Stargazers: 304 | Issues: 0

threat-model-cookbook

This project is about creating and publishing threat model examples.

Language: Python | License: NOASSERTION | Stargazers: 398 | Issues: 0

openzeppelin-contracts

OpenZeppelin Contracts is a library for secure smart contract development.

Language: JavaScript | License: MIT | Stargazers: 24470 | Issues: 0

learning-solidity

The companion to the YouTube tutorials

Language: Solidity | Stargazers: 2067 | Issues: 0

solidity-security-blog

Comprehensive list of known attack vectors and common anti-patterns

License: NOASSERTION | Stargazers: 1362 | Issues: 0

awesome-ethereum-security

A curated list of awesome Ethereum security references

License: CC-BY-4.0 | Stargazers: 1290 | Issues: 0

awesome-solidity

⟠ A curated list of awesome Solidity resources, libraries, tools and more

Stargazers: 6438 | Issues: 0

ethernaut

Web3/Solidity based wargame

Language: Solidity | License: MIT | Stargazers: 1927 | Issues: 0

Veracode-Community-Projects

Collection of open source projects that include automation of common Veracode Platform tasks, new integrations, HMAC signing libraries, etc

License: MIT | Stargazers: 67 | Issues: 0

owasp-threat-dragon

An open source, online threat modelling tool from OWASP

Language: JavaScript | License: Apache-2.0 | Stargazers: 480 | Issues: 0