s0rcy's Stars
mindedsecurity/semgrep-rules-android-security
A collection of Semgrep rules derived from the OWASP MASTG specifically for Android applications.
google/atheris
snoopysecurity/Vulnerable-Code-Snippets
A small collection of vulnerable code snippets
linuxhw/LsUSB
Collect lsusb reports and find most popular USB devices
iosifache/semgrep-rules-manager
Manager of third-party sources of Semgrep rules 🗂
HackTricks-wiki/hacktricks
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
leocov-dev/tadpoles-backup
Download images of your kids from Tadpoles and Bright Horizons via CLI, Docker, or Kubernetes
insidersec/insider
Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).
lucapiccolboni/crylogger
CRYLOGGER: Detecting Crypto Misuses for Android and Java Apps Dynamically
jimmybish/qnap-docker-compose
Docker Compose config for the home QNAP NAS
B3nac/Android-Reports-and-Resources
A big list of Android Hackerone disclosed reports and other resources.
zhlynn/zsign
Maybe it is the most quickly codesign alternative for iOS12+, cross-platform ( macOS, Linux , Windows ), more features.
ambionics/phpggc
PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.
anantshri/Android_Security
This repository is a suplimentary material for Android Training's done by Anant Shrivastava from 2012-2017
ChiChou/grapefruit
(WIP) Runtime Application Instruments for iOS. Previously Passionfruit
Marcono1234/codeql-java-queries
Personal CodeQL queries
gagliardetto/codebox
Generate CodeQL taint-tracking models for Go (along with tests) in a graphical UI
semgrep/semgrep-rules
Semgrep rules registry
AloneMonkey/frida-ios-dump
pull decrypted ipa from jailbreak device
1N3/Sn1per
Attack Surface Management Platform
CoderMJLee/MJCodeObfuscation
一个用于代码混淆和字符串加密的Mac小Demo
doyensec/electronegativity
Electronegativity is a tool to identify misconfigurations and security anti-patterns in Electron applications.
ClaudiuGeorgiu/PlaystoreDownloader
A command line tool to download Android applications directly from the Google Play Store by specifying their package name (an initial one-time configuration is required)
ptoomey3/evilarc
Create tar/zip archives that can exploit directory traversal vulnerabilities
microsoft/ApplicationInspector
A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.
dustyfresh/PHP-vulnerability-audit-cheatsheet
This will assist you in the finding of potentially vulnerable PHP code. Each type of grep command is categorized in the type of vulnerabilities you generally find with that function.
alsmith/multicast-relay
Relay multicast and broadcast packets between interfaces.
oleavr/ios-inject-custom
Example showing how to use Frida for standalone injection of a custom payload
LewisArdern/metasecjs
MetaSec.js combines all the free open-source security tools to identify issues with JavaScript and automates the boring parts
nccgroup/blackboxprotobuf
Blackbox Protobuf is a set of tools for working with encoded Protocol Buffers (protobuf) without the matching protobuf definition.