Stars
Custom ESLint rule to disallows unsafe innerHTML, outerHTML, insertAdjacentHTML and alike
A simple tool to help apply changes across many GitHub repositories simultaneously
Static Analysis of Cryptography in Android Applications
A tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.
Common solutions and tools developed by Google Cloud's Professional Services team. This repository and its contents are not an officially supported Google product.
🧠Laws, Theories, Principles and Patterns for developers and technologists.
This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-Google owned code.
A collection of browser-based side channel attack vectors.
CloudTracker helps you find over-privileged IAM users and roles by comparing CloudTrail logs with current IAM policies.
Listo. Use questionnaires and checklists to make it easy to do the right thing, regarding the software you build.
Chrome extension to aid in finding DOMXSS by simple taint analysis of string values.
A place for creators and users of password managers to collaborate on resources to make password management better.
Understand kubernetes step by step. A simple repo for beginners 🔥
Resources for the working programmer to learn more about the fundamentals and theory of programming languages.
🎻 Controlling Sonic Pi from the command line
Security Crawl Maze is a comprehensive testbed for web security crawlers. It contains pages representing many ways in which one can link resources from a valid HTML document.
DevSkim is a set of IDE plugins, language analyzers, and rules that provide security "linting" capabilities.
Course materials for Advanced Binary Deobfuscation by NTT Secure Platform Laboratories
C/C++/ObjC language server supporting cross references, hierarchies, completion and semantic highlighting
This project is about creating and publishing threat model examples.
Playwright is a framework for Web Testing and Automation. It allows testing Chromium, Firefox and WebKit with a single API.
A Collection of Secure Mobile Development Best Practices
Lint an npm or yarn lockfile to analyze and detect security issues