Chetan Conikee's repositories
mdparser
A simple Markdown Parser
jackspoilt
Contextual Deserialization vulnerability that causes RCE - Remote Code Execution
ollama_aws
Playbook to deploy Ollama in AWS
log4shell-vulnerable-app
A Basic Java Application Vulnerable to the Log4Shell RCE
java-sec-code
Java web common vulnerabilities and security code which is base on springboot and spring security
NodeGoat
The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.
SpringMvcPathVariable
Annotations based project for Threat Hunting
log4shell-scanner-rs
Scans the file system to find Log4Shell vulnerabilities.
vercel-wasm-runtime
A template project for building high-performance, portable, and safe serverless functions in Vercel.
Benchmark
OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web app written in Java, it supports analysis by Static (SAST), Dynamic (DAST), and Runtime (IAST) tools that support Java. The idea is that since it is fully runnable and all the vulnerabilities are actually exploitable, it’s a fair test for any kind of vulnerability detection tool. For more details on this project, please see the OWASP Benchmark Project home page.
devops-demo-code-scanning
NodeJS project with ZipSlip vulnerability
sunburst-analysis
Analysis of SunBurst (SolarWinds) embedded backdoor
SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
bounty-targets-data
This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports
easy_rust_md
A port of David MacLeod's book to mdbook
git-flight-rules
Flight rules for git
helloshiftleftplay
vulnerable play app
spring-security-registration
Just Announced - "Learn Spring Security OAuth":
springboot-security
An spring boot based application leveraging spring security features
DVWA
Damn Vulnerable Web Application (DVWA)
SpringMvcXSSFilter
Basic spring mvc with xss filter. only java config.
CVE-2017-5645
CVE-2017-5645 - Apache Log4j RCE due Insecure Deserialization
DIVA
The Demandware Intentionally Vulnerable WebApp is a teaching tool to help those interested in security test their skills on increasingly tough challenges