MaTTeo's starred repositories
security-champions-playbook
Security Champions Playbook v 2.1
DeFiHackLabs
Reproduce DeFi hacked incidents using Foundry.
Application-Security-Engineer-Interview-Questions
Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer
container-security-checklist
Checklist for container security - devsecops practices
combobulator
Dependency Combobulator
dependency-track
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
threat-dragon
An open source threat modeling tool from OWASP
sonar-cnes-report
Generates analysis reports from SonarQube web API.
awesome-secret
Curated list of Secret Network resources, both official and unofficial
awesome-threat-modelling
A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for learning Threat modeling and initial phases of security review.
threat-matrix-cicd
Threat matrix for CI/CD Pipeline
GOATCasino
This is an intentionally vulnerable smart contract truffle deployment aimed at allowing those interested in smart contract security to exploit a wide variety of issues in a safe environment.
hugo-future-imperfect-slim
Multilingual Blogging Theme for Hugo | Check the Wiki for Documentation
threat-model-cookbook
This project is about creating and publishing threat model examples.
openzeppelin-contracts
OpenZeppelin Contracts is a library for secure smart contract development.
learning-solidity
The companion to the Youtube tutorials
solidity-security-blog
Comprehensive list of known attack vectors and common anti-patterns
awesome-ethereum-security
A curated list of awesome Ethereum security references
awesome-solidity
⟠ A curated list of awesome Solidity resources, libraries, tools and more
Veracode-Community-Projects
Collection of open source projects that include automation of common Veracode Platform tasks, new integrations, HMAC signing libraries, etc
owasp-threat-dragon
An open source, online threat modelling tool from OWASP