Top 10 security-research Open-Source Projects

• sql-injection-payload-list

  5 4,304 0.0

  🎯 SQL Injection Payload List

  

• command-injection-payload-list

  2 2,582 0.0

  🎯 Command Injection Payload List

  

• InfluxDB

  www.influxdata.com sponsored

  Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

  

• diodb

  10 955 7.6 Python

  Open-source vulnerability disclosure and bug bounty program database

  

• fuzz-introspector

  2 347 9.6 Python

  Fuzz Introspector -- introspect, extend and optimise fuzzers

  

Project mention: Automated Unit Test Improvement Using Large Language Models at Meta | news.ycombinator.com | 2024-02-17

https://google.github.io/oss-fuzz/research/llms/target_gener... https://security.googleblog.com/2023/08/ai-powered-fuzzing-b... https://hn.algolia.com/?q=AI-Powered+Fuzzing%3A+Breaking+the...

OSSF//fuzz-introspector//doc/Features.md: https://github.com/ossf/fuzz-introspector/blob/main/doc/Feat...

https://scholar.google.com/scholar?hl=en&as_sdt=0%2C43&q=Fuz... :

- "Large Language Models Based Fuzzing Techniques: A Survey" (2024) https://arxiv.org/abs/2402.00350 :

• jaws

  11 230 0.0 C

  Jaws is an invisible programming language! Inject invisible code into other languages and files! Created for security research -- see blog post

• MATE

  1 170 0.0 Python

  MATE is a suite of tools for interactive program analysis with a focus on hunting for bugs in C and C++ code using Code Property Graphs. (by GaloisInc)

  

• ShonyDanza

  1 113 3.0 Python

  A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.

• WorkOS

  workos.com sponsored

  The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

  

• STARS

  1 41 4.9 Python

  A multi-cloud DNS record scanner that aims to help cybersecurity/IT analysts identify dangling CNAME records in their cloud DNS services that could possibly lead to subdomain takeover scenarios. (by Macmod)

• advisories

  2 33 6.0 Python

  Security advisories published by Enable Security (by EnableSecurity)

  

• onionnux

  1 16 0.0 Python

  Onionnux is a onionsite(DEEPNET/DARKNET) tool.It can help to idenitfy onionsite is active or onionsite server name.

security-research related posts

• How to find issues with bounties on github?
  1 project | /r/github | 26 Feb 2023
• Are bug bounties programs safe for hackers?
  1 project | /r/cybersecurity | 28 Aug 2022
• When to Report Vulnerability
  1 project | /r/hacking | 9 Apr 2021
• We are cybersecurity researchers who wrote a book teaching people how to hack the Internet of Things, called Practical IoT Hacking. Ask us anything!
  6 projects | /r/IAmA | 27 Mar 2021
• Bug discovery diaries: Abusing VoIPmonitor for Remote Code Execution
  2 projects | /r/netsec | 17 Mar 2021
• VoIPmonitor advisories: buffer overflow leading to RCE + XSS vulnerabilities
  1 project | /r/u_EnableSecurity | 15 Mar 2021
• Hacking the Law: Are Bug Bounties a True Safe Harbor?
  2 projects | /r/BSidesSF | 6 Mar 2021
• A note from our sponsor - SaaSHub
  www.saashub.com | 28 Apr 2024

  SaaSHub helps you find the best software and product alternatives Learn more →

Index

Sponsored

SaaSHub - Software Alternatives and Reviews

SaaSHub helps you find the best software and product alternatives

www.saashub.com