sickTools

a collection of useful, special, or just cool tools to use and try to get more done in less time.

AppSec Tools

lynis | active |: Security auditing tool for Linux, macOS, and UNIX-based systems
killcord | new |: a censorship resistant deadman's switch
OWASP ZAP | active |: autodetect security vulnerabilities in your web applications while developing and testing your applications
ClamAV | new |: open source antivirus engine for detecting trojans, viruses, malware & other malicious threats.

deps.dev | active |: Understand your dependencies - you need to know about security vulnerabilities, licenses, recent releases, and more.
osv.dev | new |: A distributed vulnerability database for Open Source
OWASP dependencytrack | active |: Reduce Supply Chain Risk - Continuous SBOM Analysis Platform
OWASP DependencyCheck | active |: dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
dep-scan | active |: fully open-source security audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies.

CyberChef | active |: The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis
regex 101 | active |: Free multilingual regular expression debugger with real time explanation, error detection and highlighting. Supports PCRE, JavaScript, GoLang, and Java.

(js-) IPFS | active |: A peer-to-peer hypermedia protocol designed to make the web faster, safer, and more open.
ML5.js | tested |: Friendly & easy to use machine learning for the web!
TensorFlow | new |: Open Source Machine Learning Framework (With extensive docs and big community)
deno | testing |: Deno aims to provide a productive and secure scripting environment for the modern programmer. It is built on top of V8, Rust, and TypeScript.
PNPM | testing |: Faster, disk space efficient package manager, with good monorepo support.
verdaccio | new |: A lightweight open source private npm proxy registry
caprover | new |: Easiest app/database deployment platform and webserver package for your NodeJS, Python, PHP, Ruby, Go applications. No Docker, nginx knowledge required!
megalinter | new |: Mega-Linter analyzes 50 languages, 22 formats, 21 tooling formats, excessive copy-pastes, spelling mistakes and security issues in your repository sources with a GitHub Action, other CI tools or locally.

Chrome Galvanizer | tested |: Harden your Chrome browser via enterprise policy.
Cursed Chrome | new |: Chrome-extension implant that turns victim Chrome browsers into fully-functional HTTP proxies, allowing you to browse sites as your victims.
NMAP | active |: The #1 network scanner & mapper
nmap-vulners | active |: extension to NMAP that chekcs for more known vulns
lesspass | new |: stateless open source password manager
GrantProxy | new |: Turn your web browser into a magic proxy server in one click.
ohmyzsh | new |: A delightful community-driven framework for managing your zsh configuration. Includes 200+ plugins
CycloneDX | new |: OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reduction.

a collection of useful guides or tutorials to stay safe.

OWASP Cheat Sheets | active |: These cheat sheets were created by various application security professionals who have expertise in specific topics.
PortSwigger XSS CheatSheet | active |: An extensive list of known XSS vulns, sortable and searchable

HTMLHEAD.dev : A free guide to HTML5 elements
CSS FlexBox Cheatsheet | active |: the only CSS flexbox cheatsheet you'll need
DevDocs.io | active |: Huge, fast, searchable reporsitory for dev documentation, from java to docker, from rust to WordPress.
Set Up a Private NPM Registry Locally | tested |: using verdaccio to setup local NPM registry.
Grepper | new |: Accrue code answers to common coding problems, find code answers without thinking - using Greppers “code problem” search engine.