dragon040's starred repositories
static-analysis
⚙️ A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more. The focus is on tools which improve code quality.
kubesploit
Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, focused on containerized environments.
Awesome-Hacking
A collection of various awesome lists for hackers, pentesters and security researchers
aws-secrets-manager-rotation-lambdas
Contains Lambda functions to be used for automatic rotation of secrets stored in AWS Secrets Manager
www-project-ai-security-and-privacy-guide
OWASP Foundation Web Respository
tag-security
🔐CNCF Security Technical Advisory Group -- secure access, policy control, privacy, auditing, explainability and more!
langkit
🔍 LangKit: An open-source toolkit for monitoring Large Language Models (LLMs). 📚 Extracts signals from prompts & responses, ensuring safety & security. 🛡️ Features include text quality, relevance metrics, & sentiment analysis. 📊 A comprehensive tool for LLM observability. 👀
secureCodeBox
secureCodeBox (SCB) - continuous secure delivery out of the box
trufflehog
Find, verify, and analyze leaked credentials
AppleJuice
Apple BLE proximity pairing message spoofing
publications
This repository contains examples of information security policies, GDPR protocols and an operational security guide with examples of best practices.
ci-integrations
Example scripts to run Tinfoil Security via your CI
ctf-katana
This repository aims to hold suggestions (and hopefully/eventually code) for CTF challenges. The "project" is nicknamed Katana.
shipfast-api-protection
Learn practical Mobile and API security techniques: API Key, Static and Dynamic HMAC, Dynamic Certificate Pinning, and Mobile App Attestation.
Key-Checker
Go scripts for checking API key / access token validity
bugbounty-cheatsheet
A list of interesting payloads, tips and tricks for bug bounty hunters.
APAC-Conferences
A community contributed consolidated list of InfoSec meetups in the Asia Pacific region.
github-search
Tools to perform basic search on GitHub.
bugbounty-cheatsheet
A list of interesting payloads, tips and tricks for bug bounty hunters.