Operational information regarding the log4shell vulnerabilities in the Log4j logging library.

A collection of hacking / penetration testing resources to make you better!

A Ruby static code analyzer and formatter, based on the community Ruby style guide.

A curated list of awesome remote jobs and resources. Inspired by https://github.com/vinta/awesome-python

Small and highly portable detection tests based on MITRE's ATT&CK.

Good For OSCP Training

Slides and Code for the BHUSA 2019 talk: Flying a False Flag

A vulnerable version of Rails that follows the OWASP Top 10

Application Security Verification Standard

🧠 Laws, Theories, Principles and Patterns for developers and technologists.

A collection of all the data i could extract from 1 billion leaked credentials from internet.

A Matrix (https://matrix.org/docs/spec/) to Fediverse / ActivityPub client / bridge. Also, some media proxying.

Some of my public exploits

How to systematically secure anything: a repository about security engineering

The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.

Nethugging client for Android, from wigle.net

An evolving how-to guide for securing a Linux server.

A collection of Linux Sysadmin Test Questions and Answers. Test your knowledge and skills in different fields with these Q/A.

😱 Falsehoods Programmers Believe in

My Discord Bot

Data and code behind the articles and graphics at FiveThirtyEight

180+ Algorithm & Data Structure Problems using C++

Copy me for your team.