LlamaIndex (GPT Index) is a project that provides a central interface to connect your LLM's with external data.

Semgrep rules registry

Apache Commons Text below 1.10.0 RCE Vulnerability POC

Damn Vulnerable Web Services is a vulnerable application with a web service and an API that can be used to learn about webservices/API related vulnerabilities.

A very vulnerable web site written in NodeJS with the purpose of have a project with identified vulnerabilities to test the quality of security analyzers tools tools

Auth with JWT, good project structure with namespaces and blueprints, SQL_ALCHEMY, custom error handlers, tests and some more are here!

Linux eBPF Monitoring Daemon

Vulnerable NodeJS Web Application

log4j rce test environment and poc

CloudQuery Provider SDK enables building providers to query any service or custom in-house solutions with SQL

mobsfscan is a static analysis tool that can find insecure code patterns in your Android and iOS source code. Supports Java, Kotlin, Swift, and Objective C Code. mobsfscan uses MobSF static analysi…

How to run eBPF on Docker for mac

CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security (code scanning), LGTM.com, and LGTM Enterprise

TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into product…

Oversecured Vulnerable Android App

syzkaller is an unsupervised coverage-guided kernel fuzzer

Spring Framework

Vulnerability database and package search for sources such as NVD, GitHub.

Becoming 1% better at data science everyday

Burp Suite extension to track vulnerability assessment progress

Compromising the macOS Kernel through Safari by Chaining Six Vulnerabilities

Mac in Docker! Run near native OSX-KVM in Docker! X11 Forwarding!

Security oriented software fuzzer. Supports evolutionary, feedback-driven fuzzing based on code coverage (SW and HW based)

Boring tool to launch multiple afl-fuzz instances