netcode

OAuthGoat

Vulnerable dockerized environment designed to test OAuth vulnerabilities

Spring4shell-CVE-2022-22965-POC

Another spring4shell (Spring core RCE) POC

express4-bootstrap-starter

Lightweight Bootstrap NodeJS Apps Build Using ExpressJS 4, MongoDB/Mongoose, Authentication with Passport.js, Jade and GruntJS as Task Automation

thegoodhacker.github.io

apm-agent-nodejs

Elastic APM Node.js Agent

awesome-golang-security

Awesome Golang Security resources 🕶🔐

content

The content behind MDN Web Docs

CVE-2021-26084_PoC

CVE-2021-41773

CVE-2021-41773 playground

CVE-2021-41773_42013

Lab setup for CVE-2021-41773 (Apache httpd 2.4.49) and CVE-2021-42013 (Apache httpd 2.4.50).

ejs

Embedded JavaScript templates -- http://ejs.co

eslam.github.io

express

Fast, unopinionated, minimalist web framework for node.

integrations-core

Core integrations of the Datadog Agent

log4shell-vulnerable-app

Spring Boot web application vulnerable to CVE-2021-44228, nicknamed Log4Shell.

money-tracker

:moneybag: Personal finances tracking web app

netcode.github.io

Production home for my blog

nosql-injection-sequelize

PayloadsAllTheThings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

security-labs-pocs

Proof of concept code for Datadog Security Labs referenced exploits.

smokescreen

A simple HTTP proxy that fogs over naughty URLs

Spring-cloud-function-SpEL-RCE

Spring-cloud-function-SpEL-RCE 批量检测脚本，反弹shell_EXP,欢迎师傅们试用

stratus-red-team

:cloud: :zap: Granular, Actionable Adversary Emulation for the Cloud

6.566-lab-2024

arc

A manager for your secrets.

CVE-2023-0386

CVE-2023-0386在ubuntu22.04上的提权

GHHv6

Gray Hat Hacking v6

HASH

HASH (HTTP Agnostic Software Honeypot)

jwt-cracker

Simple HS256 JWT token brute force cracker

MS-DOS

The original sources of MS-DOS 1.25, 2.0, and 4.0 for reference purposes