This script performs a complete analysis of all repositories in an organization on GitHub. It saves the data to a JSON file and generates a statistical summary at the end.
-
Python 3.8+
-
Packages:
-
requests -
python-dotenv
Magno Logan magnologan
DESIGN_REVIEW_QUERY = """ As a security expert, analyze the provided technical specification and perform the following steps in order:
STEP 1: Component Identification Carefully identify and list:
- All NEW components, services, or systems being introduced
- All EXISTING components that are being modified or changed
For each identified component, briefly describe:
- Its purpose and functionality
marceloglacial
/ gist:225498005299493be4b8712e5c97a3e2
Last active
November 13, 2025 11:43
GitHub Copilot Instructions for React and Next.js Projects
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # GitHub Copilot Instructions for React and Next.js Projects | |
| This file provides guidelines for GitHub Copilot to ensure consistent, clean, and performant code generation for React and Next.js applications. | |
| ## General Principles | |
| - **Clean Code:** Prioritize **readability, maintainability, and reusability**. | |
| - **Conciseness:** Aim for concise and expressive code. | |
| - **Descriptive Naming:** Use clear and descriptive names for variables, functions, components, and files (e.g., `getUserProfile`, `ProductCard`, `useAuth`). | |
| - **DRY (Don't Repeat Yourself):** Extract reusable logic into functions, custom hooks, or components. |
ridjex
/ waf-smoke-test.sh
Last active
October 23, 2025 10:22
Lightweight Bash script to test basic WAF (Web Application Firewall) protections against common SQL injection and XSS payloads. Use this to quickly assess your web application’s surface against low-hanging injection vulnerabilities.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # 🚀 Discover More: Testing Your Firewall in 60 Seconds: A Lightweight WAF Testing Script That Anyone Can Use | |
| # Learn how this script works and the best practices for WAF testing. | |
| # Read the full article here: | |
| # 👉 https://medium.com/@kochuraa/testing-your-firewall-in-60-seconds-a-lightweight-waf-testing-script-that-anyone-can-use-a7a725fefcb7 | |
| # Safe WAF Tester Script | |
| # Usage: ./waf-smoke-test.sh <URL> [-o output.md] [-H "Header: Value"] | |
| # Examples: |
This script is designed to assist in identifying pull requests to HuggingFace repositories
that are sourced from the SFConvertbot user.
The SFConvertbot user is part of an automated tool used by HuggingFace to provide safetensor
versions of models. As published by HiddenLayer
this bot can be used by malicious actors to potentially insert malicious content into models.
This tool is a simple script to query all models released by a HuggingFace author, and checks all
Proteas
/ PoC.m
Last active
July 7, 2023 10:22
— forked from LinusHenze/PoC.m
A PoC for CVE-2023-28206
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // | |
| // PoC.m | |
| // IOSABugTrigger | |
| // | |
| // Created by Linus Henze on 2023-04-08. | |
| // Copyright © 2023 Pinauten GmbH. Some rights reserved. | |
| // | |
| // | |
| // This is a PoC for CVE-2023-28206, triggering an oob memmove in IosaColorManagerMSR8::getHDRStats_gatedContext |
yardenshafir
/ vulnerable_drivers_hvci_bypass
Created
May 22, 2023 16:17
Vulnerable drivers from loldrivers.io that load with HVCI blocklist version 25314
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| - 0a6a1c9a7f80a2a5dcced5c4c0473765.bin | |
| - 0c0195c48b6b8582fa6f6373032118da.bin | |
| - 0d5774527af6e30905317839686b449d.bin | |
| - 045ef7a39288ba1f4b8d6eca43def44f.bin | |
| - 07efb8259b42975d502a058db8a3fd21.bin | |
| - 0898af0888d8f7a9544ef56e5e16354e.bin | |
| - 08c1bce6627764c9f8c79439555c5636.bin | |
| - 09672532194b4bff5e0f7a7d782c7bf2.bin | |
| - 0dff47f3b14fb1c1bad47cc517f0581a.bin | |
| - 0fc2653b1c45f08ca0abd1eb7772e3c0.bin |
themoonofendor
/ Preparation to App Sec Engineer Interview and Questions
Last active
June 14, 2024 19:22
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| - Threat Modelling / Code Review — | |
| Resources-for-Application-Security | |
| How to prepare for a security engineer interview by Eray Mitrani | |
| Security_Engineer_Interview_Questions by Tad Whitaker | |
| Security Engineer - Interview Questions by Namish |
myrtus0x0
/ IcedID_01_16_2023.txt
Created
January 17, 2023 01:30
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| loader: | |
| project_id: 3074491541 | |
| domain: dgormiugatox.com | |
| bot: | |
| c2s: | |
| - skaiortalop.com | |
| - ijoyzymama.com | |
| - ertusaporf.com | |
| - elcapolis.com | |
| - lezhidov.cloud |
righettod
/ portswigger-webacademy-status-check.ps1
Last active
September 2, 2022 16:48
Quick PowerShell functions to identify any courses or labs missed from the Portswigger WebAcademy courses.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Test-WebAcademy-Labs-Status($sessionCookieValue){ | |
| $storageFile="$env:USERPROFILE\.webacademy-labs-status" | |
| $session = New-Object Microsoft.PowerShell.Commands.WebRequestSession | |
| $cookie = New-Object System.Net.Cookie | |
| $cookie.Name = "SessionId" | |
| $cookie.Value = $sessionCookieValue | |
| $cookie.Domain = ".portswigger.net" | |
| $session.Cookies.Add($cookie); | |
| Write-Host "[i] Status storage file: $storageFile" -ForegroundColor Cyan | |
| Write-Host "[+] Retrieving labs status from PortSwigger labs web page..." -ForegroundColor Yellow |
NewerOlder