Rahil Arora's starred repositories
system-design-primer
Learn how to design large-scale systems. Prep for the system design interview. Includes Anki flashcards.
API-Security-Checklist
Checklist of the most important security countermeasures when designing, testing, and releasing your API
h4cker
This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), artificial intelligence security, vulnerability research, exploit development, reverse engineering, and more.
trufflehog
Find, verify, and analyze leaked credentials
GTFOBins.github.io
GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
how-to-secure-anything
How to systematically secure anything: a repository about security engineering
Probable-Wordlists
Version 2 is live! Wordlists sorted by probability originally created for password generation and testing - make sure your passwords aren't popular!
awesome-appsec
A curated list of resources for learning about application security
osv-scanner
Vulnerability scanner written in Go which uses the data provided by https://osv.dev
can-i-take-over-xyz
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
tag-security
🔐CNCF Security Technical Advisory Group -- secure access, policy control, privacy, auditing, explainability and more!
mimikittenz
A post-exploitation powershell tool for extracting juicy info from memory.
awesome-crypto-papers
A curated list of cryptography papers, articles, tutorials and howtos.
Damn-Vulnerable-GraphQL-Application
Damn Vulnerable GraphQL Application is an intentionally vulnerable GraphQL service implementation designed for learning about and practising GraphQL Security.
csp_security_mistakes
This repo has been replaced by https://www.cloudvulndb.org
9stepsawesome
The exercises/samples repo for bit.ly/9stepsawesome presentation
poc-graphql
Research on GraphQL from an AppSec point of view.
domain-protect
OWASP Domain Protect - prevent subdomain takeover
PythonDataScienceFullThrottle
Downloads for my Safari Online Learning live training course Python Data Science Full Throttle: Introductory Artificial Intelligence (AI), Big Data and Cloud Case Studies
awssecurity
for AWS Security material
trufflehog3
Find secrets in your codebase
CloudPrivs
Determine privileges from cloud credentials via brute-force testing.
AppSecPipeline-Specification
AppSecPipeline Specification for DevOps automation.