y-mehta

y-mehta's Stars

• amalmurali47/onaws

  Fetch the details of assets hosted on AWS.

  Language:Python8612

• DarthBenro008/dotCloud

  A simple and safe replacement to .env files

  Language:TypeScript252

• securego/gosec

  Go security checker

  Language:Go8.1k637

• slackhq/goSDL

  goSDL

  Language:PHP52583

• sverweij/dependency-cruiser

  Validate and visualize dependencies. Your rules. JavaScript, TypeScript, CoffeeScript. ES6, CommonJS, AMD.

  Language:JavaScript5.7k261

• electron/governance

  Public repository for governance issues and documents

  Language:Shell145149

• xdavidhu/awesome-google-vrp-writeups

  🐛 A list of writeups from the Google VRP Bug Bounty program

  Language:Python1.2k218

• security-prince/Resources-for-Application-Security

  Some good resources for getting started with application security

  14223

• stripe/smokescreen

  A simple HTTP proxy that fogs over naughty URLs

  Language:Go1.2k74

• jeevan-singh/Security-Engineering-Training

  328

• segmentio/threat-modeling-training

  Segment's Threat Modeling training for our engineers

  24334

• initstring/dirty_sock

  Linux privilege escalation exploit via snapd (CVE-2019-7304)

  Language:Python667147

• reider-roque/linpostexp

  Linux post exploitation enumeration and exploit checking tools

  Language:Shell17950

• doyensec/regexploit

  Find regular expressions which are vulnerable to ReDoS (Regular Expression Denial of Service)

  Language:Python80657

• doyensec/awesome-electronjs-hacking

  A curated list of awesome resources about Electron.js (in)security

  61563

• firecracker-microvm/firecracker

  Secure and fast microVMs for serverless computing.

  Language:Rust27.4k1.9k

• localstack/localstack

  💻 A fully functional local AWS cloud stack. Develop and test your cloud & Serverless apps offline

  Language:Python58.3k4.1k

• ossf/scorecard

  OpenSSF Scorecard - Security health metrics for Open Source

  Language:Go4.8k524

• socketio/socket.io

  Realtime application framework (Node.JS server)

  Language:TypeScript61.9k10.1k

• nikitastupin/clairvoyance

  Obtain GraphQL API schema even if the introspection is disabled

  Language:Python1.1k106

• Santandersecurityresearch/corsair_scan

  Corsair_scan is a security tool to test Cross-Origin Resource Sharing (CORS).

  Language:Python12215

• danielmiessler/SecLists

  SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

  Language:PHP61.8k24.2k

• nccgroup/singularity

  A DNS rebinding attack framework.

  Language:JavaScript1.1k145

• postmanlabs/newman

  Newman is a command-line collection runner for Postman

  Language:JavaScript7k1.2k

• doyensec/electronegativity

  Electronegativity is a tool to identify misconfigurations and security anti-patterns in Electron applications.

  Language:JavaScript98968

• sathishvj/awesome-gcp-certifications

  Google Cloud Platform Certification resources.

  4.1k1.4k

• security-prince/Application-Security-Engineer-Interview-Questions

  Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer

  668106

• boyney123/github-actions

  Open source list of GitHub Actions. Free free to submit a PR to add your action

  Language:JavaScript16126

• google/cadvisor

  Analyzes resource usage and performance characteristics of running containers.

  Language:Go17.8k2.4k

• Opmantek/open-audit

  Tracking and reporting for IT and related assets and configuration

  Language:PHP16954