security-sesha

developer-roadmap

Interactive roadmaps, guides and other educational content to help developers grow in their careers.

system-design-101

Explain complex systems using visuals and simple terms. Help you prepare for system design interviews.

awesome-system-design-resources

Learn System Design concepts and prepare for interviews using free resources.

Resources-for-Beginner-Bug-Bounty-Hunters

A list of resources for those interested in getting started in bug bounties

hackerone-reports

Top disclosed reports from HackerOne

security-research

This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-Google owned code.

hackingthe.cloud

An encyclopedia for offensive and defensive security knowledge in cloud native technologies.

awesome-android-security

A curated list of Android Security materials and resources For Pentesters and Bug Hunters

AndroidAppRE

Android App Reverse Engineering Workshop

Massive-Web-Application-Penetration-Testing-Bug-Bounty-Notes

wrongsecrets

Vulnerable app with examples showing how to not use secrets

awesome-llm-security

A curation of awesome tools, documents and projects about LLM Security.

Frida-Labs

The repo contains a series of challenges for learning Frida for Android Exploitation.

prototype-pollution-nsec18

Content released at NorthSec 2018 for my talk on prototype pollution

Android-Security-Exploits-YouTube-Curriculum

🔓A curated list of modern Android exploitation conference talks.

bugbounty

github-actions-goat

GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment

MobileCTF

体系化、实战化、step by step、目标清晰且具体的一个打怪升级、成长路径规划图

security-interview-questions

Security interview questions with possible explanation for roles in AppSec, Pentesting, Cloud Security, DevSecOps, Network Security and so on

semgrep-rules-android-security

A collection of Semgrep rules derived from the OWASP MASTG specifically for Android applications.

Security_Architect_and_Principal_Security_Engineer_Interview_Questions

This is a companion to the Security Engineer Questions

awesome-sec-challenges

A curated list of Awesome Security Challenges.

llm-security-101

Delving into the Realm of LLM Security: An Exploration of Offensive and Defensive Tools, Unveiling Their Present Capabilities.

DamnVulnerableLLMProject

A LLM explicitly designed for getting hacked

ModLogin

Quickly check credentials against multiple websites and identify instances of credential reuse

related_work

Slides and videos from my public speeches / conferences

llm-testing-findings

LLM Testing Findings Templates

WheresMyBrowser.iOS

Where's My Browser? Learn hacking WebViews (iOS Mobile App)

OWASP-LLM

OWASP LLM (Large Language Model) Top 10

vulnerable-code-snippet

Sample Vulnerable and Secure Code Snippets for Various Vulnerabilities