security
Warning
Some tools on this page might be used for offensive actions.
Be aware that even scanning is illegal in most countries.
Think twice before committing an action you might regret.
links
no complexity
storing data on browsers
NIST 800-30: Guide for conducting risk assessments
AIM
OpenID
OAuth
2.1 from 2.0
- PKCE required for authorization code flow
- no implicit flow allowed
- no Resource Owner Password Credentials (ROPC) flow allowed
- Access Token should not be used in query string (only header)
Warning
You should not use implicit grant (IETF recommendation).
It was a compromise for pre-CORS browsers!
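The PKCE requirement for the authorization code flow listed above, as an added example that is not from the original notes: the client derives an S256 code_challenge from a random code_verifier, and the server only redeems the code when the verifier matches. The in-memory `ISSUED_CODES` store and the function names are hypothetical, and refusing every method other than S256 is a choice made in this example.

```python
import base64
import hashlib
import hmac
import re
import secrets

# RFC 7636: verifier is 43-128 characters from the unreserved URL set.
VERIFIER_RE = re.compile(r"[A-Za-z0-9\-._~]{43,128}")

# Hypothetical authorization-server state: authorization code -> code_challenge
ISSUED_CODES = {}


def b64url(data: bytes) -> str:
    """Base64url without '=' padding, as RFC 7636 requires."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def make_verifier() -> str:
    """Client: fresh code_verifier (32 random bytes -> 43 characters)."""
    return b64url(secrets.token_bytes(32))


def challenge_s256(verifier: str) -> str:
    """Client: code_challenge sent along with the authorization request."""
    return b64url(hashlib.sha256(verifier.encode("ascii")).digest())


def authorize(code_challenge: str, method: str) -> str:
    """Server, authorization endpoint: no code is issued without PKCE."""
    if method != "S256" or not code_challenge:
        raise ValueError("invalid_request: PKCE with S256 required")
    code = secrets.token_urlsafe(16)
    ISSUED_CODES[code] = code_challenge
    return code


def redeem(code: str, code_verifier: str) -> bool:
    """Server, token endpoint: the code is single-use, match or not."""
    expected = ISSUED_CODES.pop(code, None)
    if expected is None or not VERIFIER_RE.fullmatch(code_verifier):
        return False
    # Constant-time comparison of the recomputed challenge.
    return hmac.compare_digest(challenge_s256(code_verifier), expected)
```

An intercepted authorization code is useless on its own here, because the token endpoint also needs the verifier that never left the client.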
detection (linux)
clamav
# apt install clamav
# clamscan -r -i --exclude-dir="^/sys" /
chkrootkit
web sanitizers
ammonia + nh3
ammonia (Rust) and its Python binding, nh3.
pip3 install nh3
bleach
Deprecated since JAN23.