Ingest, store, & analyze all types of time series data in a fully-managed, purpose-built database. Keep data forever with low-cost storage and superior data compression. Learn more →
Top 23 HTML Security Projects
A guide to smart contract security best practicesProject mention: Solidity security reviews? | reddit.com/r/solidity | 2023-02-20
Sanitize untrusted HTML (to prevent XSS) with a configuration specified by a Whitelist
Appwrite - The Open Source Firebase alternative introduces iOS support. Appwrite is an open source backend server that helps you build native iOS applications much faster with realtime APIs for authentication, databases, files storage, cloud functions and much more!
Gather and update all available and newest CVEs with their PoC.Project mention: [Help] I'm looking for a downloadable list of all CVEs including vulnerability | reddit.com/r/netsec | 2022-12-05
Anyhow, these project might help: - https://cve-search.github.io/cve-search/ - https://github.com/trickest/cve/ - https://github.com/ChrisIvie/offline-cve - https://avleonov.com/2017/10/03/downloading-and-analyzing-nvd-cve-feed/ - opencve.io
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀Project mention: Broke down K8S images? | reddit.com/r/kubernetes | 2022-08-04
DefectDojo is a DevSecOps and vulnerability management tool.Project mention: Any open source projects where we can learn Django by doing? | reddit.com/r/djangolearning | 2023-02-05
Access the most powerful time series database as a service. Ingest, store, & analyze all types of time series data in a fully-managed, purpose-built database. Keep data forever with low-cost storage and superior data compression.
:lock: Memorable site for testing clients against bad SSL configs.Project mention: Intune Management ADMX | reddit.com/r/brave_browser | 2023-02-21
With SSLVersionMin, I think TLS 1.0 and TLS 1.1 protocols are already disabled (they were originally going to be disabled in 2020, but it was postponed). If I try going to test pages on https://badssl.com/ that use those protocols, Brave displays an "Unsupported protocol" error page with error code ERR_SSL_VERSION_OR_CIPHER_MISMATCH – with no option for the user to bypass the error page. However, I'm not sure why InTune won't allow you to configure it to TLS 1.2 minimum version anyway.
An open-source, privacy-enhancing web browser for iOS, utilizing the Tor anonymity networkProject mention: YSK that If you’re using Android 11 and Google Chrome, you can get malware or bloatware simply by surfing on websites, even in incognito mode. | reddit.com/r/YouShouldKnow | 2023-03-21
Hosted Reverse Shell generator with a ton of functionality. -- (Great for CTFs)Project mention: What are use cases for a reverse shell generator? | reddit.com/r/linuxquestions | 2023-03-07
Better privacy without special softwareProject mention: Password protect a static HTML page | news.ycombinator.com | 2023-02-18
Tools, tips, tricks, and more for exploring ICS Security.
A vulnerable version of Rails that follows the OWASP Top 10Project mention: How to Safely Deserialize Data in Ruby on Rails | dev.to | 2022-08-17
In this example, we’ll analyze the runtime behavior of the OWASP Railsgoat project, which is a vulnerable Ruby on Rails application. This project demonstrates the OWASP Top-10 and is a great project for educating developers and security teams.
World's most advanced DNS filter-/blocklists!Project mention: Energized GitHub has been unmaintained since few months, and is showing 404 error on HOSTS files. Here is a copy of Energized Ultimate HOSTS ruleset file, and alternative HOSTS ruleset providers to consider. | reddit.com/r/privatelife | 2023-03-10
I think 1Hosts PRO is a good replacement, but try Lite or Pro whichever you prefer. https://github.com/badmojr/1Hosts You may try combining other HOSTS lists with this if you want to, and are technically adept enough.
A tool to create firefox profiles with personalized defaults.Project mention: Any add-on that removes annoying "accept all cookies" message and denies it all the time? | reddit.com/r/privacy | 2022-11-13
The AWS Secure Environment Accelerator is a tool designed to help deploy and operate secure multi-account, multi-region AWS environments on an ongoing basis. The power of the solution is the configuration file which enables the completely automated deployment of customizable architectures within AWS without changing a single line of code.Project mention: An AWS account just for getting into other AWS accounts | news.ycombinator.com | 2022-11-02
I've used the ASEA to get a number of organizations setup. I prefer it to Control Tower (it can be installed on top of CT). The ASEA is open source and written in AWS cdk so it can be forked and modified if needed.
i2pd browser bundleProject mention: [March 6th] Dread: We are back! | reddit.com/r/DreadAlert | 2023-03-09
they just need to download https://github.com/PurpleI2P/i2pdbrowser and they r set to go
Is TLS fast yet? Yes, yes it is.Project mention: Is TLS Fast Yet? - TLS has exactly one performance problem: it is not used widely enough. Everything else can be optimized. | reddit.com/r/CKsTechNews | 2022-10-21
🎩 🤟🏻 [P1-$10,000] Google Chrome, Microsoft Edge and Opera - vulnerability reported by Maciej Pulikowski - System environment variables leak - CVE-2022-0337Project mention: CVE-2022-0337-PoC-Google-Chrome-Microsoft-Edge-Opera: 🎩 🤟🏻 [P1-$10,000] Google Chrome, Microsoft Edge and Opera - vulnerability reported by Maciej Pulikowski - System environment variables leak - CVE-2022-0337 | reddit.com/r/blueteamsec | 2022-03-28
Main website serversProject mention: Google Pixel Phones und GrapheneOS | reddit.com/r/dys2p | 2023-03-14
GrapheneOS (Lizenz) [GrapheneOS: das private und sichere mobile Betriebssystem](grapheneos-index.html) – https://grapheneos.org [Installation](grapheneos-install.html) – https://grapheneos.org/install/ [CLI-Installationsanleitung](grapheneos-install-cli.html) – https://grapheneos.org/install/cli [Web-Installationsanleitung](grapheneos-install-web.html) – https://grapheneos.org/install/web
Tools and packages that are used for countering forensic activities, including encryption, steganography, and anything that modify attributes. This all includes tools to work with anything in general that makes changes to a system for the purposes of hiding information.Project mention: How to wipe a drive beyond forensic recoverability? | reddit.com/r/opsec | 2022-10-28
Take a look at awesome-anti-forensic
Ansible Role to Automate CIS v1.1.0 Ubuntu Linux 18.04 LTS, 20.04 LTS RemediationProject mention: CIS Roles | reddit.com/r/ansible | 2023-02-16
DWKit is a Business Process Management System based on .NET Core and ReactProject mention: Alternative to ProcessMaker | reddit.com/r/selfhosted | 2022-05-10
DWKit (last commit 5 month ago)
Clean code begins in your IDE with SonarLint. Up your coding game and discover issues early. SonarLint is a free plugin that helps you find & fix bugs and security issues from the moment you start writing code. Install from your favorite IDE marketplace today.
HTML Security related posts
YSK that If you’re using Android 11 and Google Chrome, you can get malware or bloatware simply by surfing on websites, even in incognito mode.
1 project | reddit.com/r/YouShouldKnow | 21 Mar 2023
if I am using darkweb from Android is it having same safety as using from pc or laptop?
1 project | reddit.com/r/TOR | 14 Mar 2023
[March 6th] Dread: We are back!
2 projects | reddit.com/r/DreadAlert | 9 Mar 2023
How to make a bounty bug request
1 project | reddit.com/r/bugbounty | 7 Mar 2023
Please utilize encrypted services and apps to help reduce this possibility!
2 projects | reddit.com/r/StrikeForRoe | 5 Mar 2023
Solidity security reviews?
2 projects | reddit.com/r/solidity | 20 Feb 2023
Standalone browser version
1 project | reddit.com/r/i2p | 10 Feb 2023
A note from our sponsor - InfluxDB
www.influxdata.com | 22 Mar 2023
What are some of the best open-source Security projects in HTML? This list will help you: