peval's repositories
404forest
个人 Blog,写文做总结。
android-database-sqlcipher
Android SQLite API based on SQLCipher
ant-design-pro
👨🏻💻👩🏻💻 Use Ant Design like a Pro!
Benchmark
OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web app written in Java, it supports analysis by Static (SAST), Dynamic (DAST), and Runtime (IAST) tools that support Java. The idea is that since it is fully runnable and all the vulnerabilities are actually exploitable, it’s a fair test for any kind of vulnerability detection tool. For more details on this project, please see the OWASP Benchmark Project home page.
blackboxprotobuf
Blackbox protobuf is a Burp Suite extension for decoding and modifying arbitrary protobuf messages without the protobuf type definition.
BurpCustomizer
Because just a dark theme wasn't enough!
CheatSheetSeries
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
closure-library
Google's common JavaScript library
DOMPurify
DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
electron
:electron: Build cross-platform desktop apps with JavaScript, HTML, and CSS
electronegativity
Electronegativity is a tool to identify misconfigurations and security anti-patterns in Electron applications.
faraday
协作渗透测试和漏洞管理平台
ftw
Framework for Testing WAFs (FTW!)
gosec
Golang security checker
Hawkeye
GitHub 泄露监控系统(GitHub Sensitive Information Leakage Monitor Spider)
htcap
htcap is a web application scanner able to crawl single page application (SPA) in a recursive manner by intercepting ajax calls and DOM changes.
interview
📚 C/C++面试知识总结
MyBookshelf
An Open-Source Android App for books management
NoXss
Faster xss scanner,support reflected-xss and dom-xss
pacu
The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
practical-cryptography-for-developers-book
实用的开发人员密码学 Practical Cryptography for Developers: Hashes, MAC, Key Derivation, DHKE, Symmetric and Asymmetric Ciphers, Elliptic Curves, Digital Signatures
redsocks
transparent TCP-to-proxy redirector
sec-chart
安全思维导图集合
security-advisories
A database of PHP security advisories
Specs
The CocoaPods Master Repo
trusted-types
A browser API that aims to prevent DOM-Based Cross Site Scripting in modern web applications.
tsunami-security-scanner
Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence.