A collection of my Semgrep rules to facilitate vulnerability research.

A very vulnerable web site written in NodeJS with the purpose of have a project with identified vulnerabilities to test the quality of security analyzers tools tools

SQL Injection in Java

NTPD remote DOS exploit and vulnerable container

Intentionally vulnerable Linux application for buffer overflow and RCE development practice

A buffer overflow vulnerable CGI program

An example C program which contains vulnerable code for common types of vulnerabilities. It can be used to show fuzzing concepts.

The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.

⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡

AWS Lambda functions of OWASP PurpleTeam

Infrastructure as Code for SUTs

Coveralls Github Action

Allows testing of Server Sent Events

Terraform provider for the Gandi Domain services

Manage your ASG + ECS Cluster (Docker) with Terraform

Zsh plugin for installing, updating and loading nvm

Node Version Manager - POSIX-compliant bash script to manage multiple active node.js versions

PASETO: Platform-Agnostic Security Tokens

Platform-Agnostic Security Tokens

Node test utility

Server scanning component of OWASP PurpleTeam

TLS scanning component of OWASP PurpleTeam

Application scanning component of OWASP PurpleTeam

Stage Two containers of OWASP PurpleTeam

A community-driven framework for managing your zsh configuration. Includes 40+ optional plugins (rails, git, OSX, hub, capistrano, brew, ant, macports, etc), over 80 terminal themes to spice up you…

Enables you to use the Node templating engine Jade for Bootstrap by delivering a layout.jade file

CampJS V