sempf
Husband. Father. Vulnerability analyst. Secure software composer. Five year Microsoft MVP. Lockpicker. Ninja. I help people write secure software.
POINTColumbus, Ohio
Pinned Repositories
AndroidCodeReview
Automation for Code Review segment of Android mobile apps
big-list-of-naughty-strings
The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.
fuzzdb
Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
iosAnalysis
These are mostly shitty tools that I use for automating iOS analysis on OSX. YMMV. I'm doing the best I can here.
nikto
Nikto web server scanner
retire.apk
A version of retire.js for Android APKs
WhatsNewInTheOwaspTop10
My code for the OWASP Top 10 talk Lots of hackery.
sempf's Repositories
sempf/AndroidCodeReview
Automation for Code Review segment of Android mobile apps
sempf/big-list-of-naughty-strings
The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.
sempf/fuzzdb
Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
sempf/retire.apk
A version of retire.js for Android APKs
sempf/nikto
Nikto web server scanner
sempf/666XSS
666 XSS strings for various uses. Good for research, or vulnerability assessment.
sempf/azure-docs
Open source documentation of Microsoft Azure
sempf/Azurite
Enumeration and reconnaissance activities in the Microsoft Azure Cloud.
sempf/BlogEngine.NET
Multi-User ASP.NET Blogging Application
sempf/CheckersOnBevy
🏁 Checkers on bevy with AI and p2p network play
sempf/DiscordChatExporter
Exports Discord chat logs to a file
sempf/esapi-java-legacy
ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library that makes it easier for programmers to write lower-risk applications.
sempf/ESP32Badge
Source code and resources for the ESP32 Conference Badge
sempf/flexOS
Protogen fursuit implementation using FastLED and Python
sempf/flipperzero-sentry-safe-plugin
sempf/mastodon
Your self-hosted, globally interconnected microblogging community
sempf/MauiVeilid
sempf/MauiVeilidLibrary
sempf/MFSniffer
Mainframe TN3270 unencrypted TSO session user ID and password sniffer
sempf/Open3270
sempf/OSINT-Framework
OSINT Framework
sempf/owasp.github.io
OWASP Foundation main site repository
sempf/packman
A documentation and tracking project with the goal of making package management systems more secure.
sempf/PyRIT
The Python Risk Identification Tool for generative AI (PyRIT) is an open access automation framework to empower security professionals and machine learning engineers to proactively find risks in their generative AI systems.
sempf/SigPloit-ss7
sempf/sonarqube
Continuous Inspection
sempf/symbol.wtf
A dumb website I made for when I need a symbol.
sempf/VeilidMonitor
A simple mobile web that keeps track of a headless Veilid node on Azure.
sempf/veilnote
sempf/whatdayisit
Tells you what day it is