Prompt Injection Primer for Engineers

Security-related flags and options for C compilers

A curated list for Awesome Kubernetes Security resources

Simple Linux seccomp rules without writing any code

Aardvark is a multi-account AWS IAM Access Advisor API

Flight rules for git

.vimrc, .bashrc etc

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

Preparation links and resources for system design questions

Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]

📄 Awesome CV is LaTeX template for your outstanding job application

Wiki to collect Red Team infrastructure hardening resources

Stuff about it-security that might be good to know

Apache Tomcat < 9.0.1 (Beta) / < 8.5.23 / < 8.0.47 / < 7.0.8 - JSP Upload Bypass / Remote Code Execution

Automates elevation of privileges in Linux like systems

Welcome to the XSS Challenge Wiki!

A comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.

Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature

The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.

Wargames, Security Hacks, Challenges, etc.

A list of public penetration test reports published by several consulting firms and academic security groups.

The Bug Hunters Methodology

A step by step guide of how to start contracting in United Kingdom

Malicious traffic detection system

Tor2web is an HTTP proxy software that enables access to Tor Hidden Services by mean of common web browsers

Phishing Scenarios Used for Phishing Frenzy

Chrome Extensions Samples

Dynamic Binary Instrumentation Fuzzing tool