gdssecurity Goto Github PK
Name: Aon's Cyber Solutions - Security Testing (Formerly GDS)
Type: Organization
Location: New York, NY
Name: Aon's Cyber Solutions - Security Testing (Formerly GDS)
Type: Organization
Location: New York, NY
Script for easily importing a trusted CA certificate into the iOS Simulator's trust store. This provides application testers the ability to intercept SSL traffic when using the simulator for testing.
This library was co-developed with a leading financial institution in order to build a single solution for Cross-Site Request Forgery (CSRF) prevention that is flexible enough to deploy firm-wide within diverse Java/J2EE web application environments.
AntiXSS for Java is a port of the Microsoft Anti-Cross Site Scripting (AntiXSS) v1.5 library for .NET applications. The library requires Java 1.4 or higher, but has no other prerequisites.
Blazentoo is an Adobe AIR application that can be used to exploit insecure Adobe BlazeDS and LiveCycle Data Services ES servers. Blazentoo provides the ability to seamlessly browse web content, abusing insecurely configured Proxy Services.
Python object interface to requests/responses recorded by Burp Suite
Tools developed for the book Network Security Tools: Writing, Hacking, and Modifying Security Tools (Published April 2005 by O'Reilly - ISBN 0-596-00794-9). These examples, along with the rest of the examples from the book, are also available from O'Reilly.
Utility for converting Findbugs, ESLint and PMD XML results into HP Fortify FPRs
Source code to the Crypto Challenges for the CSAW 2010 qualifying CTF
The Deflate Burp Plugin is a plug-in for Burp Proxy (it implements the IBurpExtender interface) that decompresses HTTP response content in the ZLIB (RFC1950) and DEFLATE (RFC1951) compression formats.
Official FusionPBX - A full-featured domain based multi-tenant PBX and voice switch for FreeSwitch.
Custom security ruleset for the popular Java static analysis tool PMD.
A set of tools made to assist in penetration testing GWT applications. Additional details about these tools can be found on my OWASP Appsec DC slides available here: http://www.owasp.org/images/7/77/Attacking_Google_Web_Toolkit.ppt
Script to test if a server is vulnerable to the JetLeak vulnerability
Custom Fortify SCA rules to detect common JSSE certification validation flaws
Demonstration of Manger's Oracle, attacking RSA OAEP
Configurable content-sniffing XSS test bed
This repository contains slide decks and other materials for talks and research presented at various conferences.
A portable console aimed at making pentesting with PowerShell a little easier.
Sample Findbugs custom detector for finding potentially insecure Scala code.
Rogue AP killer
Solidity Contract Function Profiler
SQLBrute is a tool for brute forcing data out of databases using blind SQL injection vulnerabilities.
sslscan tests SSL/TLS enabled services to discover supported cipher suites
IronWASP module to test security of SSL services. Ported from http://www.bolet.org/TestSSLServer/
ListLock APK contains the demo APK for the Using Mobile Substrate With Android Applications blog post
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.