812 Open source projects that are alternatives of or similar to security-study-tutorial

Swift-based fuzzing tools

A utility to make Kotlin/Java tests random yet reproducible

✅ A checklist for building Java + Angular/React web applications in the correct way

An experimental high performance, fuzzing oriented Intel Processor Trace capture and analysis suite

A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.

我的开发工具箱

Run fuzzing experiments in Docker

Fuzzer to automatically find side-channel (timing) vulnerabilities

🐇 Fuzzing Rust code with American Fuzzy Lop

🌈 A Curated List of Checklists ✔︎✔︎

Go Fuzzit Example

著作《Windows APT Warfare：惡意程式前線戰術指南》各章節技術實作之原始碼內容

一键生成Java代码的burp插件/Generate Java script for fuzzing in Burp。

The protocols we follow for the things we cannot automate yet! ✅

EBNF grammar fuzzer

OpenType font file format fuzzer for Windows

Mining parameters from dark corners of Web Archives

Privacy Online Test and Resource Compendium (POTARC) 🕵🏻

OSS-Fuzz - continuous fuzzing for open source software.

Ansible role to manage packages and up(date|grade)s in Debian-like systems

A fast, parallel test case minimization tool.

Best practices and ideas for Hugo the open-source static site generator.

Command line helpers for fuzzing

Dependency injection via APT (source code generation) ala "Server side Dagger DI"

Checklist of security precautions for Ruby on Rails applications.

Angora is a mutation-based fuzzer. The main goal of Angora is to increase branch coverage by solving path constraints without symbolic execution.

FuSeBMC is a novel Energy-Efficient Test Generator that exploits fuzzing and BMC engines to detect security vulnerabilities in real-world C programs.

FuzzBench - Fuzzer benchmarking as a service.

前端开发学习指南

An analysis tool for Python that blurs the line between testing and type systems.

Критерии качественной вёрстки (разметка, стилизация, картинки, шрифты, автоматизация и пр.)

Hypothesis is a powerful, flexible, and easy to use library for property-based testing.

☑️ A checklist of miscellaneous tasks to do before launching a public website.

coverage guided fuzz testing for javascript

RVT is a collection of tools/libraries to support both static and dynamic verification of Rust programs.

The checklist that is used when a project is going live

coverage guided fuzz testing for java

Code for the USENIX 2017 paper: kAFL: Hardware-Assisted Feedback Fuzzing for OS Kernels

libdft for Intel Pin 3.x and 64 bit platform. (Dynamic taint tracking, taint analysis)

QSYM: A Practical Concolic Execution Engine Tailored for Hybrid Fuzzing

🔑 Community-driven Rails Security Checklist (see our GitHub Issues for the newest checks that aren't yet in the README)

This experimetal fuzzer is meant to be used for API in-memory fuzzing.

Fuzzing tool written in Golang. Insane monkey not included.

Randomized testing for Go

🍿 The perfect Checklist Website for meticulous developers.

渗透测试人员专用精简化字典 Dictionary for penetration testers happy hacker

Ontology Triones Service Node security checklist（本体北斗共识集群安全执行指南）

Utilities for automated crash sample processing/analysis, easy afl-fuzz job management and corpus optimization

A command-line and ruby API of utilities, converters and tools for creating, converting and processing security baseline formats, results and data

A curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on ) for learning Fuzzing and initial phases of Exploit Development like root cause analysis.

Network based protocol fuzzer

Amazingly fast response crawler to find juicy stuff in the source code! 😎🔥

Security oriented software fuzzer. Supports evolutionary, feedback-driven fuzzing based on code coverage (SW and HW based)

AFL-based fuzz testing for .NET

✔️ Checklist for your web service

Tough Fuzzer is an obstacle course for go-fuzz composed of a series of small code samples which encapsulate the most common obstacles to code-coverage the fuzzer will encounter. In each case, the obstacle is insurmountable in a reasonable period of time using random inputs or even coverage-guided mutation.

Simple Keylogger with smtp to send emails on your account using python works on linux and Windows

go-sqlancer

Defensive Origins Training Schedule

Fuzzware's main repository. Start here to install.