tolgadevsec

Tolga Ünlü's repositories

Awesome-Deception

An awesome list of resources on deception-based security with honeypots and honeytokens

PHP-Security-Cheatsheet

This cheatsheet is an overview of techniques to prevent common vulnerabilities within PHP web applications

Defensive-Coding-Reloaded---Lightning-Talk-Demo

This is the demo application of my talk "Defensive Coding Reloaded" held at the Securi-Tay 2022 conference in Dundee, Scotland.

Language:PHPMIT010

Talks

Presentation slides and code samples of my talks

Language:JavaScript010

ato-checklist

A checklist of practices for organizations dealing with account takeover (ATO)

000

CakeFuzzer

Cake Fuzzer is a project that is meant to help automatically and continuously discover vulnerabilities in web applications created based on specific frameworks with very limited false positives.

Language:PythonGPL-3.0000

client-puzzle

Language:JavaScript000

CPP4WebApp

A Demonstration Software Implementation of Client Puzzle Protocols as Countermeasure against Automated Threats to Web Applications

Language:HTMLGPL-3.0000

csp-html-webpack-plugin

A plugin which, when combined with HTMLWebpackPlugin, adds CSP tags to the HTML output.

Language:JavaScriptMIT000

django-middleware-fileuploadvalidation

A Django middleware to validate user file uploads and detect malicious content.

Language:PythonApache-2.0000

DongTai-agent-java

Java Agent is a Java application probe of DongTai IAST, which collects method invocation data during runtime of Java application by dynamic hooks.

Language:JavaApache-2.0000

DongTai-agent-python

Python Agent is a Python application probe of DongTai IAST, which collects method invocation data during runtime of Python application by dynamic hooks.

Language:CApache-2.0000