radekk's starred repositories
system-design-primer
Learn how to design large-scale systems. Prep for the system design interview. Includes Anki flashcards.
playwright
Playwright is a framework for Web Testing and Automation. It allows testing Chromium, Firefox and WebKit with a single API.
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Mobile-Security-Framework-MobSF
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
data-engineer-roadmap
Roadmap to becoming a data engineer in 2021
SimpleWebAuthn
WebAuthn, Simplified. A collection of TypeScript-first libraries for simpler WebAuthn integration. Supports modern browsers, Node, Deno, and more.
publications
Publications from Trail of Bits
criticality_score
Gives criticality score for an open source project
kubesploit
Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, focused on containerized environments.
SlackPirate
Slack Enumeration and Extraction Tool - extract sensitive information from a Slack Workspace
wg-securing-critical-projects
Helping allocate resources to secure the critical open source projects we all depend on.
threat-modeling-training
Segment's Threat Modeling training for our engineers
wg-identifying-security-threats
The purpose of the Identifying Security Threats working group is to enable stakeholders to have informed confidence in the security of open source projects. We do this by collecting, curating, and communicating relevant metrics and metadata from open source projects and the ecosystems of which they are a part.
aws-security-cert-service-notes
Security aspects of AWS products for the Security Specialist certification
fuzz-lightyear
A pytest-inspired, DAST framework, capable of identifying vulnerabilities in a distributed, micro-service ecosystem through chaos engineering testing and stateful, Swagger fuzzing.
ossf-cve-benchmark
The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebases using a variety of static analysis security testing (SAST) tools and generate reports to evaluate those tools.
burp_containers
Docker containers for running Burp Suite locally or remotely.