Posts

  • Sep 12, 2025

    cfn_nag

    Linting tool for CloudFormation templates

    The cfn-nag tool looks for patterns in CloudFormation templates that may indicate insecure infrastructure. Roughly speaking, it will look for:

    • IAM rules that are too permissive (wildcards)
    • Security group rules that are too permissive (wildcards)
    • Access logs that aren’t enabled
    • Encryption that isn’t enabled
    • Password literals

    For more background on the tool, please see this post at Stelligent’s blog:

    Finding Security Problems Early in the Development Process of a CloudFormation Template with “cfn-nag”

    Tags: #ruby • continuous-testing • unit-testing

  • Sep 12, 2025

    retroarch-joypad-autoconfig

    RetroArch joypad autoconfig files

    This repository stores joypad autoconfig files for RetroArch, the reference frontend for the libretro API.

    The autoconfig files included in this repository are used to recognize input devices and automatically setup default mappings between the physical device and the RetroPad virtual controller.

    Tags: #ruby

  • Sep 12, 2025

    spring4shell-scan

    A fully automated, reliable, and accurate scanner for finding Spring4Shell and Spring Cloud RCE vulnerabilities

    • Support for lists of URLs.
    • Fuzzing for more than 10 new Spring4Shell payloads (previously seen tools uses only 1-2 variants).
    • Fuzzing for HTTP GET and POST methods.
    • Automatic validation of the vulnerability upon discovery.
    • Randomized and non-intrusive payloads.
    • WAF Bypass payloads.

    Tags: #python

  • Sep 11, 2025

    exllamav3

    An optimized quantization and inference library for running LLMs locally on modern consumer-class GPUs

    ExLlamaV3 is an inference library for running local LLMs on modern consumer GPUs. Headline features:

    • New EXL3 quantization format based on QTIP
    • Flexible tensor-parallel and expert-parallel inference for consumer hardware setups
    • OpenAI-compatible server provided via TabbyAPI
    • Continuous, dynamic batching
    • HF Transformers plugin (see here)
    • HF model support (see supported architectures)
    • Speculative decoding
    • 2-8 bit cache quantization
    • Multimodal support

    The official and recommended backend server for ExLlamaV3 is TabbyAPI, which provides an OpenAI-compatible API for local or remote inference, with extended features like HF model downloading, embedding model support and support for HF Jinja2 chat templates.

    Tags: #python

  • Sep 11, 2025

    DPlayer-Typecho

    Typecho plugin for DPlayer

    DPlayer for typecho

    Tags: #php

  • Sep 11, 2025

    Leaflet.draw

    Vector drawing and editing plugin for Leaflet

    Adds support for drawing and editing vectors and markers on Leaflet maps.

    Supports Leaflet 0.7.x and 1.0.0+ branches.

    Please check out our Api Documentation

    Tags: #javascript

  • Sep 10, 2025

    MutabilityDetector

    Lightweight analysis tool for detecting mutability in Java classes

    Mutability Detector is designed to analyse Java classes and report on whether instances of a given class are immutable. It can be used:

    • In a unit test, with an assertion like assertImmutable(MyClass.class). Is your class actually immutable? What about after that change you just made?
    • As a FindBugs plugin. Those classes you annotated with @Immutable, are they actually?
    • At runtime. Does your API require being given immutable objects?
    • From the command line. Do you want to quickly run Mutability Detector over an entire code base?

    Tags: #java

  • Sep 10, 2025

    SPFtoolbox

    SPFtoolbox is a Javascript and PHP app to look up DNS records such as SPF, MX, Whois, and more

    Tags: #php • spf • dns-record

  • Sep 9, 2025

    passwords

    A simple, yet feature rich password manager for Nextcloud

    Easy to use yet feature-rich and secure password manager for Nextcloud

    Tags: #php • nextcloud • nextcloud-app

  • Sep 9, 2025

    enlightn

    Your performance & security consultant, an artisan command away.

    Think of Enlightn as your performance and security consultant. Enlightn will “review” your code and server configurations, and give you actionable recommendations on improving performance, security and reliability!

    The Enlightn OSS (open source software) version has 66 automated checks that scan your application code, web server configurations and routes to identify performance bottlenecks, possible security vulnerabilities and code reliability issues.

    Enlightn Pro (commercial) is available for purchase on the Enlightn website and has an additional 64 automated checks (total of 131 checks).

    Tags: #php • laravel • static-analysis

subscribe via RSS