Paolo Perego
thesp0nge
Application security guy | OSCE | OSCP | Security Engineer @ SUSE | Chaotic good Elistraee drow cleric | Content creator. @codiceinsicuro
Top Repositories
Dawn is a static analysis security scanner for ruby written web applications. It supports Sinatra, Padrino and Ruby on Rails frameworks.
Owasp Orizon is a source code static analyzer tool designed to spot security issues in Java applications.
The Owasp Esapi Ruby is a port for outstanding release quality Owasp Esapi project to the Ruby programming language. The idea is to build a Ruby gem (the standard ruby library archive format) containing the Esapi concepts implemented in Ruby classes so people using Ruby in their Rails application can have security into them.
A shellcode generator with encryption, encoding and polymorphism facilities built-in
A python program that crawls a website and tries to stress it, polluting forms with bogus data
Enchant is a tool aimed to discover web application directory and pages by fuzzing the requests using a dictionary approach.
Repositories (145)
The Audit Journal - a tool to help you doing journaling with your security audit finest findings
DRSource is an extensible, multi-language static analysis tool designed to detect vulnerabilities in source code. It uses a pluggable architecture to combine multiple detection techniques, from simple regex matching to advanced AST-based taint analysis, all driven by a central, user-configurable knowledge base.
A python program that crawls a website and tries to stress it, polluting forms with bogus data
No description provided.
Semgrep MVP: Aggregate, Rank & Cluster Your Findings
Ask me anything
Dawn is a static analysis security scanner for ruby written web applications. It supports Sinatra, Padrino and Ruby on Rails frameworks.
Owasp Orizon is a source code static analyzer tool designed to spot security issues in Java applications.
Your Lightweight C Key-Value Engine with Crash Recovery
This is the reconnaissance script I wrote for my OSCP journey
Enchant is a tool aimed to discover web application directory and pages by fuzzing the requests using a dictionary approach.
A lightweight, embeddable vector similarity search library in C.
Rune is a lightweight, rule-based static analysis security testing (SAST) tool designed to find security vulnerabilities in source code.
Tarpedo is a security tool for offline NPM workflows. It scans local .tgz package archives, finds known vulnerabilities, and generates clear, aggregated reports. Perfect for securing air-gapped environments and managing your software supply chain by turning audit data into actionable intelligence.
A shellcode generator with encryption, encoding and polymorphism facilities built-in
My dotfile config
A responsive Jekyll theme with clean typography and support for large full page images.
No description provided.
A swiss army knife to leverage your webapp attack surface
NOT MY CODE! Zeus trojan horse - leaked in 2011, I am not the author, I have created this repo to simplify access to those who want to study it.
No description provided.
The Owasp Esapi Ruby is a port for outstanding release quality Owasp Esapi project to the Ruby programming language. The idea is to build a Ruby gem (the standard ruby library archive format) containing the Esapi concepts implemented in Ruby classes so people using Ruby in their Rails application can have security into them.
Opinionated Ubuntu Setup
No description provided.
Secbox is a toolbox that provides an out-of-the-box working setup for your daily work in the SUSE Security Team.
No description provided.
No description provided.
No description provided.
cvss is a rubygem for parsing cvss vector and calculate cvss score given some parameter.
My NeoVIM configuration