Posts
-
API-fuzzer
API Fuzzer which allows fuzzing request attributes using common pentesting techniques and lists vulnerabilities
The API_Fuzzer gem accepts an API request as input and returns vulnerabilities possible in the API. The following are the main checks involved in the API_Fuzzer gem:
- Cross-site scripting vulnerability
- SQL injection
- Blind SQL injection
- XML External entity vulnerability
- IDOR (in specific cases)
- API Rate Limiting
- Open redirect vulnerabilities
- Information Disclosure flaws
- Info leakage through headers
- Cross-site request forgery vulnerability
Tags: #ruby • gem • ruby-gem
-
gotools
Plugin for Ghidra to assist reversing Golang binaries
- Download the release for your Ghidra version
- Copy ZIP to $GHIDRA_DIR/Extensions/Ghidra/
- Start Ghidra, File > Install Extensions, check the box next to gotools
- Restart Ghidra
Tags: #java • ghidra • golang
-
pacbot
PacBot (Policy as Code Bot)
Policy as Code Bot (PacBot) is a platform for continuous compliance monitoring, compliance reporting and security automation for the cloud. In PacBot, security and compliance policies are implemented as code. All resources discovered by PacBot are evaluated against these policies to gauge policy conformance. The PacBot auto-fix framework provides the ability to automatically respond to policy violations by taking predefined actions. PacBot packs in powerful visualization features, giving a simplified view of compliance and making it easy to analyze and remediate policy violations. PacBot is more than a tool to manage cloud misconfiguration, it is a generic platform that can be used to do continuous compliance monitoring and reporting for any domain.
Tags: #java • cloud-security • security
-
stimulus_reflex
Build reactive applications with the Rails tooling you already know and love.
StimulusReflex eliminates the complexity imposed by full-stack frontend frameworks. And, it’s fast.
It works seamlessly with the Rails tooling you already know and love.
- Server-rendered HTML, delivered in milliseconds over the wire via Websockets
- ERB templates and partials, with first-class ViewComponent support
- Russian doll caching and ActiveJob
- StimulusJS and Turbolinks/Turbo Drive
- Built with CableReady, our secret power-move
Our goal is to help small teams do big things with familiar tools.
This project strives to live up to the vision outlined in The Rails Doctrine.
Tags: #ruby • stimulus • reactive
-
neomodel
An Object Graph Mapper (OGM) for the Neo4j graph database.
For neomodel releases 5.x :
- Python 3.8+
- Neo4j 5.x, 4.4 (LTS)
For neomodel releases 4.x :
- Python 3.7 -> 3.10
- Neo4j 4.x (including 4.4 LTS for neomodel version 4.0.10)
Tags: #python • neo4j • ogm
-
kubeinvaders
Gamified Chaos Engineering Tool for Kubernetes
Gamified Chaos Engineering Tool for K8s
This project is part of the landscape of the Cloud Native Computing Foundation in the Observability and Analysis - Chaos Engineering section.
- Launch the demo at this link https://kubeinvaders.platformengineering.it
- Monitor the pod status here https://kubeopsview.platformengineering.it
Backed by the teams at platformengineering.it and devopstribe.it, which provide enterprise-grade features and certified resilience services for your Kubernetes infrastructure.
Here are the slides from the Chaos Engineering speech I prepared for FOSDEM 2023. Unfortunately, I could not be present at my talk, but I would still like to share them with the community.
Tags: #javascript • chaos • kubernetes
-
croon
PHP Crontab
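Croon is a PHP implementation of CronTab.
I previously made a similar implementation, php-crontab. Croon differs from it in that it forks worker processes using process management, has a friendly logging module, adds event-driven handling, and is more standardized and stable.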
Tags: #php
-
cognitive-services-speech-sdk-js
Microsoft Azure Cognitive Services Speech SDK for JavaScript
The Microsoft Cognitive Services Speech SDK for JavaScript is the JavaScript version of the Microsoft Cognitive Services Speech SDK. An in-depth description of feature set, functionality, supported platforms, as well as installation options is available here.
The JavaScript version of the Cognitive Services Speech SDK supports browser scenarios as well as the Node.js environment.
Tags: #typescript
-
atomic-layout
Build declarative, responsive layouts in React using CSS Grid.
Modern layout development is about modularity and composition. Following the best practices of Atomic design, we strive toward independent UI units that gradually compose into more meaningful pieces. While the attention paid to unit implementation is thorough, we often overlook how to achieve layout composition that scales. It’s as if we forget that spacing defines composition.
When it comes to distributing the spacing things get more difficult. First of all, true contextless spacing is hard. To make things worse, all present solutions couple spacing with UI elements, inevitably making small reusable pieces contextful and, thus, hard to maintain.
Atomic Layout helps you to compose your elements by introducing a dedicated spacing layer called Composition. It encourages you to separate concerns between UI elements’ visual appearance and spacing between them. With the first-class responsive support at your disposal you can build gorgeous responsive permutations of your elements without leaving the dedicated spacing layer, keeping UI elements contextless and predictable. Embrace the era of a true layout composition!
Tags: #typescript • react • atomic-design
-
flat
Flatten/unflatten nested Javascript objects
Take a nested Javascript object and flatten it, or unflatten an object with delimited keys.
Tags: #javascript