recentpopularlog in

agius : security   216

« earlier  
anchore/anchore-engine - Docker Hub
The Anchore Engine is an open source project that provides a centralized service for inspection, analysis and certification of container images.
docker  container  security  netsec  infosec  vulnerability  scanner 
july 2018 by agius
notes/Gathering-weak-npm-credentials.md at master · ChALkeR/notes
Or how I obtained direct publish access to 14% of npm packages (including popular ones).
The estimated number of packages potentially reachable through dependency chains is 54%.
javascript  npm  security  js  breach  infosec  netsec  hacks 
may 2018 by agius
Wappalyzer
Plugin / bookmarklet / npm lib to check a website for what technology it uses. JS libs, Nginx version, frameworks & platforms, etc
security  netsec  infosec  recon  chrome  plugin  nodejs  node  npm  browser 
april 2018 by agius
javascript - how to show alternate image if source image is not found?
using onerror="" html attribute with non-existent image, you can inject js for pages that filter <script> out of user input. Fun!
stack_overflow  html  html5  javascript  js  security  netsec 
april 2018 by agius
bkimminich/juice-shop - Buttons - Heroku Elements
OWASP Juice Shop is an intentionally insecure web application written entirely in JavaScript which encompasses the entire range of OWASP Top Ten and other severe security flaws.

one-click deploy to Heroku!
security  netsec  infosec  pentest  webapp  heroku  owasp  ctf 
april 2018 by agius
WordLock Analysis - Google Sheets
All English words you can make with 4 & 5-letter word locks
security  infosec  lockpicking  opsec  physical_security  puzzles 
april 2018 by agius
Game of Hacks | Checkmarx
Can you spot the vulnerabilities in this code?
game  games  programming  security  netsec  infosec  education  learning 
april 2018 by agius
HTTP Request Smuggling
Whitepaper from WatchFire on writing funky requests w/ CLRFs that make servers do stupid things
docs  article  whitepaper  academic  learning  education  infosec  netsec  security 
april 2018 by agius
Mock Server
Kinda like nock or webmock, except runs an actual server and lets you specify mock requests & responses

Could be useful as a simple recorder for test exploits & such
testing  tests  test  server  development  debugging  security  netsec 
april 2018 by agius
Home · bettercap/bettercap Wiki
Sniffing, spoofing, deuth, and other network shenanigans
go  golang  security  infosec  netsec  wifi  network  github 
april 2018 by agius
xmendez/wfuzz: Web application fuzzer
Discover urls and other endpoints in webapps without scraping / crawling
netsec  infosec  security  tools  toolkit  scraper 
march 2018 by agius
Censys
Find all servers having to do with <company domain name>
network  search  security  netsec  infosec  recon  tools  saas 
march 2018 by agius
Observatory by Mozilla
Observatory by Mozilla has helped over 125,000 websites by teaching developers, system administrators, and security professionals how configure their sites safely and securely.
security  netsec  tools  scanner 
march 2018 by agius
awslabs/aws-config-rules: Example AWS Config rules
[Node, Python, Java] Repository of sample Custom Rules for AWS Config.
aws  github  example  nodejs  node  python  java  javascript  js  lambda  security  netsec  devops  compliance 
february 2018 by agius
« earlier      
per page:    204080120160

Copy this bookmark:





to read