grauwolf32's starred repositories
API-Security-Checklist
Checklist of the most important security countermeasures when designing, testing, and releasing your API
CheatSheetSeries
The OWASP Cheat Sheet Series was created to provide a concise collection of high-value information on specific application security topics.
PayloadsAllTheThings
A list of useful payloads and bypasses for Web Application Security and Pentest/CTF
android-coq-model
Coq model of Android permission system
weird_proxies
Reverse proxies cheatsheet
param-miner-doc
Unofficial documentation for the great tool Param Miner
RsaCtfTool
RSA attack tool (mainly for ctf) - retrieve private key from weak public key and/or uncipher data
keto
The most scalable and customizable permission server on the market. Fix your slow or broken permission system with Google's proven "Zanzibar" approach. Supports ACL, RBAC, and more. Written in Go, cloud native, headless, API-first. Available as a service on Ory Network and for self-hosters.
ProVerif-ATP
ProVerif-ATP - Combining ProVerif and Automated Theorem Provers for Security Protocol Verification
Mobile-Security-Framework-MobSF
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
cdxgen
Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package managers. Integrate in your CI/CD pipeline with automatic submission to Dependency Track server. Discord: https://discord.gg/DP657ACYEZ
31-days-of-API-Security-Tips
This challenge is Inon Shkedy's 31 days API Security Tips.
ApplicationInspector
A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a JSON-based rules engine. Ideal for scanning components before use or detecting feature-level changes.
grammars-v4
Grammars written for ANTLR v4; expectation that the grammars are free of actions.