Regexp Security Cheatsheet
This repository sponsored by ScanFactory provides a comprehensive list of security vulnerabilities in regular expressions commonly used in Web Application Firewalls (WAFs), with a focus on bypass examples and high severity issues. It includes SAST tools to identify vulnerabilities in custom regular expressions, and was first introduced at BlackHat USA 2016.
FEATURES
ALTERNATIVES
Collection of recent infosec/hacking videos from conferences.
Guidance on mitigating side-channel attacks, firmware vulnerabilities, and UEFI hardening.
The SOC Academy offers official VirusTotal certification courses to help cybersecurity professionals maximize its functionalities and advance their careers.
A comprehensive guide to investigating security incidents in popular cloud platforms, covering essential tools, logs, and techniques for cloud investigation and incident response.
A repository of CTF challenges and resources from various cybersecurity competitions.
Online IT Security and Privacy Awareness training courses to help companies meet compliance requirements and reduce cybersecurity risks.
A comprehensive guide to SSL/TLS vulnerabilities and vulnerable cipher suites.
A guide outlining security considerations for using OpenLDAP Software, including selective listening and IP firewall capabilities.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
Kriptos
An AI-driven data classification and governance platform that automatically discovers, analyzes, and labels sensitive information while providing risk management and compliance capabilities.
System Two Security
An AI-powered platform that automates threat hunting and analysis by processing cyber threat intelligence and generating customized hunt packages for SOC teams.
Aikido Security
Aikido is an all-in-one security platform that combines multiple security scanning and management functions for cloud-native applications and infrastructure.
Permiso
Permiso is an Identity Threat Detection and Response platform that provides comprehensive visibility and protection for identities across multiple cloud environments.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.