Skip to content

Instantly share code, notes, and snippets.

View inkz's full-sized avatar

Vasilii Ermilov inkz

17 followers · 1 following
View GitHub Profile
@inkz
inkz / inputset.txt
Created December 26, 2024 15:35
nestjs-sg-inputset
incetarik/nestjs-graphql-zod
MarcinMiler/tinder-clone
meta-d/ocap
mnfst/manifest
haiweilian/vivy-nest-admin
87789771/meimei-nestjs-admin
opengovsg/ts-template
island-is/island.is
narval-xyz/armory
TriPSs/nx-extend
@inkz
inkz / inputset.txt
Last active February 9, 2025 17:20
express-big-inputset
NodeBB/nodebb-plugin-write-api
sisense/compose-sdk-monorepo
volumio/volumio3-backend
spryker/docker-sdk
hbkabir004/Mrittik-Server
apu52/METAVERSE
NUWCDIVNPT/stig-manager
debloper/xplex
cedalo/management-center
Sunny-117/mini-anything
@inkz
inkz / orgs_to_scan.txt
Last active October 29, 2025 02:05
0xPolygon/auto-claim-service
0xPolygon/chain-indexer-framework
0xPolygon/heimdall-v2
0xPolygon/lxly
0xPolygon/proof-generation-api
0xPolygon/static
Aiven
Aiven-Open
Automattic/WP-Job-Manager
Automattic/jetpack
@inkz
inkz / gh-actions.yaml
Created September 1, 2022 06:15
rules:
- id: allowed-unsecure-commands
languages:
- yaml
severity: WARNING
message: smth found
patterns:
- pattern-either:
- patterns:
- pattern-inside: "{on: ...}"
@inkz
inkz / index_example.ts
Created July 11, 2022 04:06
import express from 'express'
import mongoose from 'mongoose'
const app = express()
const port = 3000
// const { BlogPost } = require('./models')
import {BlogPost} from './models'
async function main() {
@inkz
inkz / captcha_model.ts
Created July 11, 2022 04:01
/*
* Copyright (c) 2014-2022 Bjoern Kimminich & the OWASP Juice Shop contributors.
* SPDX-License-Identifier: MIT
*/
import {
Model,
InferAttributes,
InferCreationAttributes,
DataTypes,
@inkz
inkz / lambda_recon_2021.yaml
Created November 5, 2021 04:22
rules:
- id: lambda-tainted-func-go
languages: [go]
severity: WARNING
message: >-
Tainted func found
mode: taint
pattern-sources:
- patterns:
- pattern-either:
@inkz
inkz / java-spring-sink-source.yaml
Created October 18, 2021 08:24
rules:
- id: java-spring-sink-source
mode: taint
pattern-sinks:
- pattern: |
$SINK(...)
pattern-sources:
- patterns:
- pattern: $VAR
- pattern-either:
@inkz
inkz / rails-sink-source.yaml
Created October 15, 2021 06:12
rules:
- id: rails-sink-source
mode: taint
pattern-sources:
- pattern: params[$X]
pattern-sinks:
- pattern: $WHATEVER(...)
message: |
sink for RoR found
languages:
@inkz
inkz / expressjs-source-sink-research.yaml
Created September 29, 2021 06:14
rules:
- id: expressjs-source-sink-research
mode: taint
languages:
- js
- typescript
message: >-
Found a sink for Express.js app
severity: WARNING
pattern-sinks: