Links
Scan for secrets in dangling commits on GitHub using GH Archive data.
This tool scans for secrets in dangling (dereferenced) commits on GitHub created by force push events. A force push occurs when developers overwrite commit history, which often contains mistakes, like hard-coded credentials. This project relies on archived force push event data in the GHArchive to identify the relevant commits.
Find and verify secrets. Find leaked credentials.
TruffleHog is the most powerful secrets Discovery, Classification, Validation, and Analysis tool. In this context secret refers to a credential a machine uses to authenticate itself to another machine. This includes API keys, database passwords, private encryption keys, and more...
Automatic audio mastering plugin for live-streaming, podcasting and internet radio stations.
A lightweight CLI and local API server to create, run and manage macOS and Linux virtual machines (VMs) natively on Apple Silicon.
HTTP load testing tool and library. It's over 9000!
Vegeta is a versatile HTTP load testing tool built out of a need to drill HTTP services with a constant request rate. It's over 9000!
The Log File Navigator, lnav for short, is an advanced log file viewer for the small-scale. It is a terminal application that can understand your log files and make it easy for you to find problems with little to no setup.
Script that allows the easy creation of OpenVPN endpoints in any AWS region. Creating a VPN endpoint is done with a single command and takes ~3 minutes. It will create a VPC with proper security groups. It spins up a tagged EC2 instance and configures the OpenVPN software. Once the instance is configured, an OpenVPN configuration file is downloaded and ready to use. There is also functionality to see which instances are running in which region and the ability to terminate the instance when done. Additional functionality includes specifying the instance type, generating SSH keypairs, specifying a custom AMI, changing the login user, and more to come.
List system USB buses and devices. A modern cross-platform lsusb that attempts to maintain compatibility with lsusb while also adding new features.
Modern Zod-based CLI builder, fully type-safe, super lightweight and flexible.
Turbulenz is a modular 3D and 2D game framework for making HTML5 powered games for browsers and mobile devices.
libSQL is a fork of SQLite that is both Open Source, and Open Contributions.
We aim to evolve it to suit many more use cases than SQLite was originally designed for, and plan to use third-party OSS code wherever it makes sense.
Limbo is a work-in-progress, in-process OLTP database management system, compatible with SQLite.
🤱🏻 Turn any webpage into a desktop app with Rust.
TwigStan is a static analyzer for Twig templates powered by PHPStan.
TwigStan uses Twig to compile templates to PHP code. It then optimizes the compiled PHP code slightly, allowing PHPStan to analyze it better. It then reports any errors back to the original template and line number.
Docker Authorization Plugin.
A basic extendable Docker authorization plugin that runs directly on the host or inside a container. The framework depends on docker authentication plugin support. Basic authorization is provided when Docker daemon is started with --tlsverify flag (username is extracted from the certificate common name).
Twemcache (pronounced "two-em-cache") is the Twitter Memcached. Twemcache is based on a fork of Memcached v.1.4.4 that has been heavily modified to make it suitable for the large scale production environment at Twitter.
OpenSource note-taking & archiving alternative to Evernote, Microsoft OneNote & Google Keep
Lightweight modern Python library to add security headers (CSP, HSTS, etc.) to Django, Flask, FastAPI, and more. Secure defaults or fully customizable.
onak is an OpenPGP compatible keyserver. It was originally written concentrating on providing real time path finding between 2 keys, but over time has moved to concentrating on providing standard keyserver storage and retrieval functionality.
An OCI base image of Fedora CoreOS with batteries included.
uCore is an OCI image of Fedora CoreOS with "batteries included". More specifically, it's an opinionated, custom CoreOS image, built daily with some common tools added in. The idea is to make a lightweight server image including commonly used services or the building blocks to host them.
ChainReactor is a research project that leverages AI planning to discover exploitation chains for privilege escalation on Unix systems. The project models the problem as a sequence of actions to achieve privilege escalation from initial access to a target system.
A C++ library for reading MacBook lid angle sensor data, based on reverse engineering of HID device specifications.
Cameradar hacks its way into RTSP video surveillance cameras.
YOLOv5 in PyTorch > ONNX > CoreML > TFLite. YOLOv5 is the world's most loved vision AI, representing Ultralytics open-source research into future vision AI methods, incorporating lessons learned and best practices evolved over thousands of hours of research and development.
Automated resources sizing tool for containers in kubernetes.
Kondense is an automated resource sizing tool. It runs as a sidecar in kubernetes pods. Kondense uses memory pressure to apply just the right amount of memory on a container to page out the unused memory while not getting out-of-memory killed.
Firefox Decrypt is a tool to extract passwords from profiles of Mozilla (Fire/Water)fox™, Thunderbird®, SeaMonkey® and derivatives.
It can be used to recover passwords from a profile protected by a Master Password as long as the latter is known. If a profile is not protected by a Master Password, passwords are displayed without prompt.
A post-processing tool for scanned sheets of paper.
unpaper is a post-processing tool for scanned sheets of paper, especially for book pages that have been scanned from previously created photocopies. The main purpose is to make scanned book pages better readable on screen after conversion to PDF. Additionally, unpaper might be useful to enhance the quality of scanned pages before performing optical character recognition (OCR).
Just a simple, easy way to label each element you want!
A self-hosted API that takes a URL and returns a file with browser screenshots. You run the API on your machine, you send it a URL, and you get back the website data as a file plus screenshots of the site. Simple as.
Simple, privacy-focused website analytics. Built with Golang & Preact. Fathom Lite is a previous and open-source version of Fathom Analytics (a paid, hosted Google Analytics alternative). It was the very first version of our software, and has been downloaded millions of times! While we are no longer adding features to this Lite version, we will be continuing to maintain it long-term and fix any bugs that come up.
A Completely Modular LLM Reverse Engineering, Red Teaming, and Vulnerability Research Framework.
Open DMARC Analyzer is an Open Source DMARC Report Analyzer to be used with DMARC reports that have been parsed by John Levine's rrdmarc script or techsneeze's dmarcts-report-parser.
CLI tool to easily migrate Kubernetes persistent volumes.
pv-migrate is a CLI tool/kubectl plugin to easily migrate the contents of one Kubernetes PersistentVolumeClaim to another.
Automatically tests prompt injection attacks on ChatGPT instances.
Prompt injection is a type of security vulnerability that can be exploited to control the behavior of a ChatGPT instance. By injecting malicious prompts into the system, an attacker can force the ChatGPT instance to do unintended actions.
wholeaked is a file-sharing tool that allows you to find the responsible person in case of a leakage. It's written in Go.
A lightweight comments widget built on GitHub issues. Use GitHub issues for blog comments, wiki pages and more!
🌈 React for interactive command-line apps. React for CLIs. Build and test your CLI output using components.
Ink provides the same component-based UI building experience that React offers in the browser, but for command-line apps. It uses Yoga to build Flexbox layouts in the terminal, so most CSS-like props are available in Ink as well. If you are already familiar with React, you already know Ink.
Apache Tika bindings for PHP: extract text and metadata from documents, images and other formats.
The Apache Tika™ toolkit detects and extracts metadata and text from over a thousand different file types (such as PPT, XLS, and PDF).
Deep Packet Inspection circumvention utility (for Windows).
This software is designed to bypass Deep Packet Inspection systems found in many Internet Service Providers which block access to certain websites.
It handles DPI connected using an optical splitter or port mirroring (Passive DPI), which does not block any data but just replies faster than the requested destination, and Active DPI connected in sequence.
🌸 HTTP REST API caching middleware, to be used between load balancers and REST API workers.
Simple frontend for LLMs built in react-native.
ChatterUI is a native mobile frontend for LLMs.
Run LLMs on device or connect to various commercial or open source APIs. ChatterUI aims to provide a mobile-friendly interface with fine-grained control over chat structuring.
An open source Valkey client library that supports Valkey and Redis open source 6.2, 7.0 and 7.2. Valkey GLIDE is designed for reliability, optimized performance, and high-availability, for Valkey and Redis OSS based applications. GLIDE is a multi-language client library, written in Rust with programming language bindings, such as Java and Python.
Configure Windows-based systems for a variety of tasks.
KOmpanion is a minimalistic library web application that is tightly coupled to KOReader features.
A Dashboard for displaying interactive statistics about your Plex media library.
Precision Episode Management for Sonarr.
Automates sending and deleting episodes or seasons to Sonarr as played based on your rules. OCDarr is a smart media assistant that gives you episode-by-episode control over your library, automatically preparing what you want to watch next while cleaning up what you've already seen.
MCP Server to fetch costs and usage data from your Vantage account.
Use natural language to explore your organization’s cloud costs via MCP clients, like Claude, Cursor, and others. Ask questions about your organization's previous and current cloud cost spend, cost tagging, provider integrations, and more.
Monitor a process and trigger a notification.
Never sit and wait for some long-running process to finish. Noti can alert you when it's done. You can receive messages on your computer or phone.
VMM for native-performance sandboxing.
TinyKVM is a simple, slim and specialized userspace emulator library with native performance.
TinyKVM is designed to execute regular Linux programs and also excels at request-based workloads in high-performance HTTP caches and web servers.
Filter and redirect Overseerr/Jellyseerr requests based on requester, keywords, age ratings, and more. Supports routing to multiple instances simultaneously.
A playbook for effectively prompting post-trained LLMs.
This document is for anyone who would like to get better at prompting post-trained LLMs. We assume that readers have had some basic interactions with some sort of LLM (e.g. Gemini), but we do not assume a rigorous technical understanding.
A simple, responsive slider with no external dependencies except jQuery.
Vermilion is a clean, minimal and simple music player for MPD, Tidal, Spotify and more.
A jQuery Slider plugin with specific animation effects for each element.
A glossy Matrix collaboration client for the web. Element (formerly known as Vector and Riot) is a Matrix web client built using the Matrix React SDK.
An attack tool for simple, fast & effective security testing of M365 & Azure AD.
MAAD-AF is designed to make cloud security testing simple, fast and effective. Through its virtually no-setup requirement and easy to use interactive attack modules, security teams can test their security controls, detection and response capabilities easily and swiftly.
Linpmem is a Linux memory acquisition tool. Linpmem is a Linux x64-only tool for reading physical memory.
Like its Windows counterpart, Winpmem, this is not a traditional memory dumper. Linpmem offers an API for reading from any physical address, including reserved memory and memory holes, but it can also be used for normal memory dumping. Furthermore, the driver offers a variety of access modes to read physical memory, such as byte, word, dword, qword, and buffer access mode, where buffer access mode is appropriate in most standard cases. If reading requires an aligned byte/word/dword/qword read, Linpmem will do precisely that.