dev.lwlx.xyz

GitHub

Twitter

A Collection of useful Security and DevOps tools.

lwlx

22. September 2020

@0x0000005

AppSec Tools

  • [x] lynis | active |: Security auditing tool for Linux, macOS, and UNIX-based systems
  • [ ] killcord | new |: a censorship resistant deadman's switch
  • [x] OWASP ZAP | active |: autodetect security vulnerabilities in your web applications while developing and testing your applications
  • [ ] ClamAV | new |: open source antivirus engine for detecting trojans, viruses, malware & other malicious threats.
  • [ ] endlessh | new |: Endlessh is an SSH tarpit (honeypot) that very slowly sends an endless, random SSH banner

Automation Tools

  • [ ]

developer Tools

  • [x] (js-) IPFS | active |: A peer-to-peer hypermedia protocol designed to make the web faster, safer, and more open.
  • [ ] ML5.js | tested |: Friendly & easy to use machine learning for the web!
  • [ ] TensorFlow | new |: Open Source Machine Learning Framework (With extensive docs and big community)
  • [ ] deno | testing |: Deno aims to provide a productive and secure scripting environment for the modern programmer. It is built on top of V8, Rust, and TypeScript.
  • [x] PNPM | testing |: Faster, disk space efficient package manager, with good monorepo support.
  • [ ] verdaccio | new |: A lightweight open source private npm proxy registry
  • [ ] caprover | new |: Easiest app/database deployment platform and webserver package for your NodeJS, Python, PHP, Ruby, Go applications. No Docker, nginx knowledge required!

misc Tools

  • [x] Chrome Galvanizer | tested |: Harden your Chrome browser via enterprise policy.
  • [ ] Cursed Chrome | new |: Chrome-extension implant that turns victim Chrome browsers into fully-functional HTTP proxies, allowing you to browse sites as your victims.
  • [x] NMAP | active |: The #1 network scanner & mapper
  • [x] nmap-vulners | active |: extension to NMAP that chekcs for more known vulns
  • [ ] lesspass | new |: stateless open source password manager
  • [ ] GrantProxy | new |: Turn your web browser into a magic proxy server in one click.
  • [ ] ohmyzsh | new |: A delightful community-driven framework for managing your zsh configuration. Includes 200+ plugins

sickGuides

a collection of useful guides or tutorials to stay safe.

Security Guides

  • [x] OWASP Cheat Sheets | active |: These cheat sheets were created by various application security professionals who have expertise in specific topics.
  • [ ] PortSwigger XSS CheatSheet | active |: An extensive list of known XSS vulns, sortable and searchable

Dev Guides

  • [ ] HTMLHEAD.dev : A free guide to HTML5 elements
  • [ ] CSS FlexBox Cheatsheet | active |: the only CSS flexbox cheatsheet you'll need
  • [x] DevDocs.io | active |: Huge, fast, searchable reporsitory for dev documentation, from java to docker, from rust to WordPress.
  • [ ] Set Up a Private NPM Registry Locally | tested |: using verdaccio to setup local NPM registry.
  • [ ] Grepper | new |: Accrue code answers to common coding problems, find code answers without thinking - using Greppers “code problem” search engine.

Sources

  • OWASP — The Open Source Web Application Security Protocol
  • Matthew Bryant — XSSHunter / chrome galvanizer
  • lwlx — lwlx

License

The MIT License.

  • - [ ] ([tool name](<link>)|*tested*|**new**|deprecated| active): <description>

© lwlx. 2025

Version 2