118 Repositories
JavaScript supply-chain-security Libraries
Use Cloudflare Gateway DNS/VPN to block ads, malware and tracking domains - free alternative to NextDNS, Pi-hole and Adguard
Cloudflare Gateway Pi-hole Scripts (CGPS) Cloudflare Gateway allows you to create custom rules to filter HTTP, DNS, and network traffic based on your
StarkNet support extension for VSCode. Visualize StarkNet contracts: view storage variables, external and view functions, and events.
StarkNet Explorer extension This VSCode extension quickly shows relevant aspects of StarkNet contracts: Storage variables of the current contract, and
A bot that automatically claims winnings and runs 100% unattended. Now you can play while working, with friends, etc; Uses signals from TradingView to predict the price of BNB for up or down wagers in the PancakeSwap prediction game
*** Auto-Claim Prediction Robot *** $$$$$ Automatically claim your winnings!!! $$$$$ No more babysitting and checking balance!!! Play while you're at
Beautiful Visualizations For Your App's Dependencies 🧭
Beautiful Visualizations For Your App's Dependencies 🪱 Outputs SVGs Powered by D3 Overlays security vulnerabilities Works with npm & yarn Made by the
A Discord bot that uses Markov chains :)
About Markov BOT is a Discord bot that uses Markov chains to generate random sentences in the chat. The bot randomly collects messages written by user
POC OF CVE-2022-21970
CVE-2022-21970 Description Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This vulnerability allows an attacker to execute java
EL/ASI: Encrypt Locally, Account Secure Interchange
EL/ASI: Local App Security Protocol EL/ASI (Encrypt Locally, Account Secure Interchange) defines a protocol for protecting and exchanging data in loca
🥁 Batch contract/on-chain queries to the same block. Multicall SDK for the Klaytn blockchain.
Klaytn Multicall Built for inevitable-changes/bento Inspired by makerdao/multicall and dopex-io/web3-multicall 📦 Installation # Yarn yarn install kla
A browser extension to test the most basic security issues.
Ninja-Hacker-Cat Sidebar for Firefox This Firefox extension can check your website for the most basic security issues and data leaks. It's an easy way
⛴️ Docker extension for deepfence/SecretScanner 🔐
SecretScanner Docker Extension How to install in Docker Desktop ? Note: Method to install this extension will change once SecretScanner extension is a
Simple and customizable security middleware for GraphQL servers in Deno.
GuarDenoQL Simple and customizable security middleware for GraphQL servers in Deno Features Integrates with an Opine server in a Deno runtime. Enables
Improve the security of your API by detecting common vulnerabilities as defined by OWASP and enforced with Spectral.
Spectral OWASP API Security Scan an OpenAPI document to detect security issues. As OpenAPI is only describing the surface level of the API it cannot s
Monitor your code for exposed API keys, tokens, credentials, and high-risk security IaC misconfigurations
Spectral VS Code extension The Spectral VS Code extension is a tool for developers that want to catch security issues (such as credentials, tokens and
Easy auditing & sandboxing for your JavaScript dependencies 🪱
Easy auditing & sandboxing for your JavaScript dependencies 🪱 TL;DR Sandworm intercepts all sensitive Node & browser APIs, like child_process.exec or
Full dynamic tool kit that is capable of deobfuscating and producing a javascript representation of Shape's Virtual Machine obfuscation
Shape Security Decompiler Tool-Kit This tool kit is capable of dynamically deobfuscating all versions of shape security's virtual machine interpreter
Vaultacks lets users store files off-chain on Gaia. Files are encrypted by default but also can be made public and shared
Vaultacks Vaultacks is built on the Stacks Chain. It lets users upload files to Gaia, an off-chain data storage system. Vaultacks currently uses the de
Multi-chain defi crypto sniper written in typescript/javascript. Fastest method of sniping with auto-sell and rug prevention features.
CryptoSniper Community Edition Multi-chain defi crypto sniper written in typescript/javascript. Fastest method of sniping with auto-sell and rug preve
Chain Anime.js calls on jQuery selectors.
jQuery.animejs This is a small ( 1kb) helper plugin for the great Anime.js. Features Chain Anime.js calls in a more readable way. Supports latest Ani
Infisical — Sync your .env securely in seconds.
Infisical Infisical is a simple, end-to-end encrypted secrets manager for your .env files. It enables teams to securely sync and manage .env files in
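A toolchain-independent module federation SDK for module consumers.
hel-micro, module federation as an SDK: a build-free, hot-updating, toolchain-independent micro-module solution Demo hel-loadash codesandbox hel-loadash git Why hel-micro How to use remote modules A single npm command is all it takes to load a remote module; see the online example below 1 Install hel-micr
Coverage-guided, in-process fuzzing for Node.js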
Jazzer.js Jazzer.js is a coverage-guided, in-process fuzzer for the Node.js platform developed by Code Intelligence. It is based on libFuzzer and brin
Metlo is an open-source API security platform.
Metlo API Security Secure Your API. Metlo is an open-source API security platform Create an Inventory of all your API Endpoints. Proactively test your
Zero-Knowledge OTP verification on chain
zkOTP: Zero-Knowledge OTP verification on chain Motivation Inspired by SmartOTP and Modulo's 1wallet, a zkOTP solution can manage access to a smart co
Shield is a development framework for circom developers. The core reason is to provide libraries, plugins, and testing tools to ensure code quality and security.
SHIELD Shield is a development framework for circom developers but we plan it to other languages such as CAIRO, SNARKYJS etc. The core reason is to pr
Best fast responsive discord anti nuke bot made in javascript using Discord JS@v13
Security Plus Security Plus is an advanced anti-nuke bot for Discord servers, developed in JavaScript using discord.js@v13, Security Plus don't all
🛡️ Dead-simple, yet highly customizable security middleware for Apollo GraphQL servers and Envelop 🛡️
GraphQL Armor 🛡️ GraphQL Armor is a dead-simple yet highly customizable security middleware for various GraphQL server engines. Contents Contents Sup
Pull a smart contract from mainnet onto your local chain.
hardhat-copy hardhat-copy helps you import an Ethereum mainnet smart contract onto your local Hardhat node, enabling you to rapidly experiment with pr
Check the strength of your password simply and quickly, and with optional UI indicators
Check the strength of your password simply and quickly, and with optional UI indicators. Lock Steel is lightweight, has no dependencies and is connected with the UI elements. Just pure CSS and VanillaJS.
The open-source security lake platform for AWS
The open-source security lake platform for AWS. Website | Docs | Community What is Matano? Matano is an open source security lake platform for AWS. It
Cosmos chain registry ⚛️
chain-registry The npm package for the Official Cosmos chain registry npm install chain-registry example import { assets, chains, ibc } from 'chain-r
Snippets for securing, transforming, and optimizing GraphQL APIs.
StepZen Snippets Welcome! StepZen is a unique and declarative way to build & run any-sized Graph in minutes. Explore the docs View Demo Report Bug Req
REST API complete test suite using openapi.json
Openapi Test Suite Objective This package aims to solve the following two problems: Maintenance is a big problem to solve in any test suite. As the AP
This is a demo project for the SecTester JS SDK framework, with some installation and usage examples
SecTester SDK Demo Table of contents About this project About SecTester Setup Fork and clone this repo Get a Bright API key Explore the demo applicati
On-chain snapshots of the whole blockchain state
📸 Snapshop 📸 Snapshop is a tool for creating on-chain snapshots of the whole blockchain state. It lets your smart contracts read the storage of any
CTF (Capture The Flag) is a type of information security competition that challenges contestants to find solutions or complete various tasks.
WHAT IS CTF? CTF (Capture The Flag) is a type of information security competition that challenges contestants to find solutions or complete various ta
Restream is a module that allows you to create a stream of an audio/video file from the Firebase storage, protected from direct download through the client-side.
nuxt-restream Restream is a module that allows you to create a stream of an audio/video file from the Firebase storage, protected from direct download
Fixes code dependency issues 🤼‍♀️
Codependence 🤼‍♀️ Codependence is a JavaScript utility CLI or node tool for checking specified dependencies in a project to ensure dependencies are u
Passport NFT using on-chain metadata
Passport NFT Collection Setup yarn Environment File (.env) RINKEBY_URL: Ethereum (Rinkeby) Testnet Provider endpoint MATIC_URL: Polygon (Matic Mumbai)
From the Linux Foundation office in New York City, welcome to The Untold Stories of Open Source
From the Linux Foundation office in New York City, welcome to The Untold Stories of Open Source. Each week we explore the people who are supporting Open Source projects, how they became involved with it, and the problems they faced along the way.
basic dissembler for Kasada's virtual machine obfuscation
Kasada Dissembler A simple kasada dissembler which is capable of tracing through and executing every single opcode in kasada's bytecode and then loggi
Analytics and insights for data aggregated from multiple bridges and chains.
Inter-Bridge-Visualizer Analytics and insights for data aggregated from multiple bridges and chains. Website at bridgeexplorer.xyz Background Bridges
A fast, synchronized and dynamic query builder package.
@ssibrahimbas/query A fast, synchronized and dynamic query builder package. What is? In short, the query builder. You can write complex and parameteri
chain-syncer is a module which allows you to synchronize your app with any ethereum-compatible blockchain/contract state. Fast. Realtime. Reliable.
Chain Syncer Chain Syncer is a JS module which allows you to synchronize your app with any ethereum-compatible blockchain/contract state. Fast. Realti
Ethereum chain sniperbot for tokens. This bot sniffs the mempool for pending transactions for trading enabled and also liquidity add functions.
Ready to manipulate partitions file? Create a custom partition, apply custom security system, hide the partition and share your hidden data on the www
Paranoia 💊 Ready to manipulate partitions file? Create a custom partition, apply custom security system, hide the partition and share your hidden dat
It shows how to generate and use temporary security credentials using AWS STS.
Using temporary security credentials with AWS STS When calling a REST API with IAM, as with a Lambda Function URL, temporary security credentials are worth considering for security reasons. Here
📬 A quick comparison of private and / or secure email providers
📬 Email Comparison A comparison table of private and / or secure email providers Live App The app can be accessed at: lissy93.github.io/email-compari
A novel approach for security and user experience of Graphical Password Authentication.
Graphical Password Authentication Alohomora Harry Potter themed (not really) Graphical Password Authentication Flowchart and Architecture Solution Dem
An ERC-721 like NFT contract with Plutus scripts and Lucid as off-chain framework
Gatsby minimal TypeScript starter 🚀 Quick start Create a Gatsby site. Use the Gatsby CLI to create a new site, specifying the minimal TypeScript star
Security tool + attack database used to take quick action against newly-discovered vulnerabilities in the blockchain.
SolidGuard Version: v1.0.1 SolidGuard is a Blockchain Security tool catered towards organizations that manage decentralized applications on the Ethere
E-Commerce solution for security of databases and transactions.
commerce_new_era PURPOSE Our aim is to prevent the counterfeit products and the harm to customers found on today's e-commerce sites. To do this, Blockchai
simple dashboard for cross-chain greeks
Oh My Greeks Simple platform for cross-chain Greeks Intro We need a place to see all my on-chain greeks.. aggregated nicely. Hosting Currently hosting
CloudSecWiki is a cloud security oriented knowledge base maintained by HuoCorp.
CloudSecWiki CloudSecWiki is a cloud security oriented knowledge base maintained by HuoCorp. CloudSecWiki web address:cloudsec.huoxian.cn Local Deploy
A tiny blockchain node for browsers.
UBI Chain A very tiny blockchain for browsers. Features Spin up a node from a browser. One node per human via Proof of Humanity UBI for gas and fees.
📊 AlphaSwap subgraph - (Blocks, token info, profiles, pricing data, LP metrics, etc...)
AlphaSwap Subgraph AlphaSwap is a decentralized protocol for automated token exchange on the KCC network. This subgraph dynamically tracks any pair cr
On-chain query batcher for CosmWasm-enabled chains
multiquery On-chain query batcher for CosmWasm. Similar to SCB 10X's multicall contract, but supports any serializable query request, not limited to W
Password Generator - A fast, simple and powerful open-source utility tool for generating strong, unique and random passwords
A fast, simple and powerful open-source utility tool for generating strong, unique and random passwords. Password Generator is free to use as a secure password generator on any computer, phone, or tablet.
Multi-chain sniper bot to buy and sell tokens on ETH compatible chains. Features include instant or mempool sniping, rug protection, and sell management.
An open-source defi sniper. defi-sniper is free to download. NEW Community telegram group: https://t.me/+aBLUmP1UnypiNTVh Premium Services Now Availab
Hacking Prodigy, the math game.
Website • Discord • Installation • YouTube How to install See our Quickstart Guide. Info We aren't evil. We aren't evil. Everything is open source, fo
Smart contracts for DecentraMix.io, a cross-chain, non-custodial privacy-preserving protocol within the DecentraWorld ecosystem.
➡ DecentraMix.io Solidity Smart Contracts To get a better understanding of DecentraMix, we recommend to read about the technologies and privacy protoc
Lucid is a library, which allows you to create Cardano transactions and off-chain code for your Plutus contracts in JavaScript and Node.js.
A decentralized protocol for indexing and querying data from DecentraMix's on chain contracts across all supported blockchains.
A decentralized protocol for indexing and querying data from DeMix contracts across all supported blockchains.
npm registry proxy with on-the-fly filtering
npm-registry-firewall 📦 📦 🔥 npm registry proxy with on-the-fly filtering Key Features Restricts access to remote packages by predicate: name org ve
Botnet project with Python, Websockets, Async and Javascript
A3 - Botnets This is a repository where I will document the whole process of researching and developing a botnet from scratch with python, websockets and asyn
DecentraMix.io is a cross-chain, non-custodial, universal privacy-preserving protocol with the decentralized governance
DecentraMix.io is a cross-chain, non-custodial, universal privacy-preserving protocol with the decentralized governance. DecentraWorld applies zkSNARKs to enable transactional privacy for all DeFi components by breaking the on-chain link between depositor and recipient addresses.
Danger is near (play-to-earn game, GameFi on the NEAR chain testnet) - the user plays as a fireknight in a PIXELVERSE world who goes into the forest and kills monsters.
Danger is near (play-to-earn game, GameFi on the NEAR chain testnet) - the user plays as a fireknight in a PIXELVERSE world who goes into the forest and kills monsters. Users can earn $DANGER tokens and a score to compete with other users.
This SDK helps developers get started with the on-chain tools provided by Metaplex.
Metaplex JavaScript SDK ⛔️ DO NOT USE IN PRODUCTION, THIS SDK IS IN VERY EARLY ALPHA STAGES! This SDK helps developers get started with the on-chain t
Shifty is a tiny zero-dependency secrets generator, built for the web using TypeScript.
Shifty is a tiny zero-dependency secrets generator, built for the web using TypeScript. Installation yarn add @deepsource/shifty Usage Shifty is built
Disallow form tags without explicit method="post"
eslint-plugin-require-form-method-post Disallow form tags without explicit method="post" Prevents sensitive data appearing on URLs Allow form tags wit
A quick and easy to use security reconnaissance webapp tool, does OSINT, analysis and red-teaming in both passive and active mode. Written in nodeJS and Electron.
ᵔᴥᵔ RedJoust A quick and easy to use security reconnaissance webapp tool, does OSINT, analysis and red-teaming in both passive and active mode. Writte
Stays: book accommodation on-chain, pay in crypto, and help local communities
Stays: on-chain bookings Installation Make sure you have node and nvm installed: nvm use v16 npm install -g yarn npm install -g lerna yarn install ler
Gas-efficient on-chain batched shuffling for NFTs
Batch NFT reveal This repository contains a gas-efficient implementation of an on-chain shuffling algorithm used to reveal NFTs in batches. The main b
A bridge between different EVM based Chains.
Blockchain Bridge between different Ethereum based chains. This project uses DApps and smart contracts to Bridge assets between blockchains and it is
Project Security Term 3.2 @ PIM
Security This project was generated with Angular CLI version 12.2.10. Development server Run ng serve for a dev server. Navigate to http://localhost:4
Been interested, studying, and developing blockchain security with a Zero Knowledge Proof (ZKP) and create a prototype on the current issue with Philippine's upcoming election. 📥
Implementation of Zero Knowledge Proofs in Cryptographic Voting 😎 Reference: Cryptographic Voting – A Gentle Introduction Overview 👨🏻‍💻 The main i
A website for tracking community support for BIP21 QR codes that support on-chain and lightning bitcoin payments.
BIP21 Microsite This is a WIP microsite to promote the usage of a BIP21 payment URI QR code that can include lightning invoices or offers. Wallet supp
How to implement Step-up Authentication using Amazon Cognito
How to implement Step-up Authentication using Amazon Cognito This repository contains accompanying source code for the AWS Blog post, How to implement
Audio visual mitigation of Rickrolls using computer vision.
Computer Vision Rick Astley Muter This project utilizes an advanced computer vision model to mute your speakers when Rick Astley is detected on your s
Hashing library for Nest.Js
A progressive Node.js framework for building efficient and scalable server-side applications. Description Hashing library for NestJS. Installation $ n
Scans your computer for node modules that are potentially vulnerable to supply chain attacks
Scans your computer for node modules that are potentially vulnerable to supply chain attacks. You still need to review the code of modules that are not vulnerable, but this helps.
Easy-to-use tool to inform you about potential risks in your project dependencies list
sdc-check Easy-to-use tool to inform you about potential risks in your project dependencies list Usage Add to your project Add new npm command to scri
🚀 Send a load of requests with nodejs using cluster and with/without Tor for anonymisation 🙈
Accumulator 🚀 Send a load of requests with nodejs using cluster and with/without Tor for anonymisation 🙈 ⚠️ Disclaimer, This repo has been created fo
Chain Link External Inititator Template
Chain Link External Inititator Template AWS Lambda Ready Pre-Deployment 1) Install the Serverless Framework globally npm install serverless -g 2) In
Node.js Express + MySQL vulnerable boilerplate project
GitHub Advisory Database RSS Feeds.
github-advisory-database-rss RSS Feeds for GitHub Advisory Database. Usage Visit https://azu.github.io/github-advisory-database-rss/ Subscribe RSS Fee
On-chain generative NFT collection
ETH Time ETH Time is a new NFT collection created to explore new ways of generating NFTs on-chain. It is inspired by existing projects such as Zora's
Nouns On-Chain Proposal Simulation and Analysis
Nouns Diligence Nouns On-Chain Proposal Simulation and Analysis For Voters Technical reports for all reviewed proposals can be found in the reports fo
🤖 An action that fetches the list of malicious domains on Discord in different providers and creates/updates a JSON file with them from time to time.
Discord Guardian Action 🤖 This action fetches the list of malicious domains on Discord in different providers and creates/updates a JSON file with t
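spartacus is a distributed system built on open-source frameworks including Spring Boot 2.3.x, Spring Cloud Hoxton.SR5, Spring Security 2.3.x, OAuth2.0 and Python3
spartacus is a distributed system built on open-source frameworks including Spring Boot 2.3.x, Spring Cloud Hoxton.SR5, Spring Security 2.3.x, OAuth2.0 and Python3, and also a full-featured microservice scaffold.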
LunaSec - Open Source Security Software built by Security Engineers. Scan your dependencies for Log4Shell, or add Data Tokenization to prevent data leaks. Try our live Tokenizer demo: https://app.lunasec.dev
Our Software We're a team of Security Engineers on a mission to make awesome Open Source Application Security tooling. It all lives in this repo. Here
Demo showcasing information leaks resulting from an IndexedDB same-origin policy violation in WebKit.
Safari 15 IndexedDB Leaks Description This demo showcases information leaks resulting from an IndexedDB same-origin policy violation in WebKit (a brow
WAMpage - A WebOS root LPE exploit chain
WAMpage WAMpage - A WebOS root LPE exploit chain This exploit is mainly of interest to other researchers - if you just want to root your TV, you proba
On-chain defense against hostile takeovers
Poison pill On-chain defense against hostile takeovers. In layman's terms, this smart contract only facilitates a discounted sale of shares to a white
Security tool used to take quick action against newly-discovered vulnerabilities in the blockchain.
SolidGuard is a Blockchain Security tool catered towards organizations that manage decentralized applications on the Ethereum blockchain. It is an attack database for documenting all major hacks that happened in the blockchain, and is also used to notify or pause decentralized applications affected by the attacks published in the database.
Detect npm packages by author name in your package-lock.json or yarn.lock.
detect-package-by-author Detect npm packages by author name in your package-lock.json or yarn.lock. Install Install with npm: # Not Yet Publish # npm
Cloud security platform web with steampipe
cloud-security-platform-web-with-steampipe Home Tech Stacks Node.js + MongoDB + Steampipe Usage If you use EC2, there is no need for credentials or config files. $ cd
Secure-electron-template - The best way to build Electron apps with security in mind.
secure-electron-template A current electron app template with the most popular frameworks, designed and built with security in mind. (If you are curio
Base62-token.js - Generate & Verify GitHub-style & npm-style Base62 Tokens
base62-token.js Generate & Verify GitHub-style & npm-style Secure Base62 Tokens Works in Vanilla JS (Browsers), Node.js, and Webpack. Online Demo See
Browser extension for generating HOTP passcodes for Duo Security Multi-Factor Authentication
duo-extension Browser extension for generating HOTP passcodes for Duo Security multi-factor authentication. Compatible with Firefox and Chromium-based
The CryptoVerse is a Cryptocurrency web application developed using Reactjs for providing the latest updates, value statistics, market cap, supply and news regarding the Cryptocurrency market.
CryptoVerse - A Cryptocurrency Web Application Getting Started with Create React App This project was bootstrapped with Create React App. Available Scr