kozmic

laravel-poc-CVE-2018-15133

PoC for CVE-2018-15133 (Laravel unserialize vulnerability)

js-library-xss-fuzzer

Javascript library fuzzer. Tries to detect functions which may lead to XSS vulnerabilities if untrusted data is passed to said functions.

browser-playground

Testing of different behaviours in browsers

github-search-search

Search in Github search result

takeover-poc

account-sdk-browser

Account SDK for browsers

antiope

AWS Inventory and Compliance Framework

ASVS

Application Security Verification Standard

aws-sam-local

AWS SAM Local 🐿 is a CLI tool for local development and testing of Serverless applications

bugalert

dependabot-core

🤖 The core logic behind Dependabot's update PR creation

deserialize

foil

gmailer

Simple Go library to send emails using AWS SES

json5

JSON5 — JSON for humans

nmap

Run nmap from a Docker container. Simplifies things on macOS

node-esi-server

Express server serving ESI tags to test for edge side inclusion injection (https://gosecure.net/2018/04/03/beyond-xss-edge-side-include-injection/)

vulcan-checks

This repository holds the code for each Vulcan check's main binary.

github-api

Java API for GitHub

juice-shop

Work of OWASP Juice Shop

juice-shop-legacy

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

next.js

The React Framework

NSDetect

subjack

Subdomain Takeover tool written in Go

TrailDiscover

An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and security implications

vulcan-groupie

vulcan-stream

Vulcan Stream provides a one-way communication channel from Vulcan Persistence to Vulcan Agents.

vulcan-ui

vulnerable-image-fetcher

SSRF vulnerable image fetcher with emulated AWS IMDSv1 and IMDSv2

xss-npm

NPM package with XSS payloads in meta fields