jzarris's repositories
docker-vulnerable-dvwa
Damn Vulnerable Web Application Docker container
rbac-police
Evaluate the RBAC permissions of Kubernetes identities through policies written in Rego
Seccubus
Easy automated vulnerability scanning, reporting and analysis
SmartThingsPublic
SmartThings open-source DeviceTypeHandlers and SmartApps code
akto
Proactive, Open source API security → API discovery, Testing in CI/CD, Test Library with 150+ Tests, Add custom tests, Sensitive data exposure
awesome-lists
Security lists for SOC detections
bad-asn-list
An open source list of ASNs known to belong to cloud, managed hosting, and colo facilities.
cloudquery
The open source high performance data integration platform built for developers.
crAPI
completely ridiculous API (crAPI)
fake-useragent
Up-to-date simple useragent faker with real world database
gotestwaf
An open-source project in Golang to assess different API Security tools and WAF for detection logic and bypasses
guard-action
A repo containing KSOC Guard GitHub Action
httpbin
HTTP Request & Response Service, written in Python + Flask.
image-vulnerability-search-1
Search your KSOC image vulnerabilities in multiple accounts for a specific vulnerability name.
microservices-demo
Deployment scripts & config for Sock Shop
openemr-devops
OpenEMR administration and deployment tooling
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
poc-graphql
Research on GraphQL from an AppSec point of view.
rsm
Reverse shell manager using tmux and ncat
SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
waf-bypass
Check your WAF before an attacker does
waf-comparison-project
Testing datasets and tools to compare WAF efficacy
waf_testbed
Chef Cookbook which provisions apache+mod_security+owasp-crs