This script performs a complete analysis of all repositories in an organization on GitHub. It saves the data to a JSON file and generates a statistical summary at the end.
-
Python 3.8+
-
Packages:
-
requests -
python-dotenv
Magno Logan magnologan
magnologan
/ github-inspect.md
Created
July 22, 2025 19:05
— forked from fguisso/github-inspect.md
Github API Get Data
magnologan
/ design-review-prompt.md
Created
July 10, 2025 20:18
— forked from anshumanbh/design-review-prompt.md
A simple design review prompt
DESIGN_REVIEW_QUERY = """ As a security expert, analyze the provided technical specification and perform the following steps in order:
STEP 1: Component Identification Carefully identify and list:
- All NEW components, services, or systems being introduced
- All EXISTING components that are being modified or changed
For each identified component, briefly describe:
- Its purpose and functionality
magnologan
/ gist:c8bcc0800a0fb488ec4d3e863bdf2083
Created
June 25, 2025 15:52
— forked from marceloglacial/gist:225498005299493be4b8712e5c97a3e2
GitHub Copilot Instructions for React and Next.js Projects
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # GitHub Copilot Instructions for React and Next.js Projects | |
| This file provides guidelines for GitHub Copilot to ensure consistent, clean, and performant code generation for React and Next.js applications. | |
| ## General Principles | |
| - **Clean Code:** Prioritize **readability, maintainability, and reusability**. | |
| - **Conciseness:** Aim for concise and expressive code. | |
| - **Descriptive Naming:** Use clear and descriptive names for variables, functions, components, and files (e.g., `getUserProfile`, `ProductCard`, `useAuth`). | |
| - **DRY (Don't Repeat Yourself):** Extract reusable logic into functions, custom hooks, or components. |
magnologan
/ waf-smoke-test.sh
Created
April 15, 2025 20:47
— forked from ridjex/waf-smoke-test.sh
Lightweight Bash script to test basic WAF (Web Application Firewall) protections against common SQL injection and XSS payloads. Use this to quickly assess your web application’s surface against low-hanging injection vulnerabilities.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # 🚀 Discover More: Testing Your Firewall in 60 Seconds: A Lightweight WAF Testing Script That Anyone Can Use | |
| # Learn how this script works and the best practices for WAF testing. | |
| # Read the full article here: | |
| # 👉 https://medium.com/@kochuraa/testing-your-firewall-in-60-seconds-a-lightweight-waf-testing-script-that-anyone-can-use-a7a725fefcb7 | |
| # Safe WAF Tester Script | |
| # Usage: ./waf-smoke-test.sh <URL> [-o output.md] [-H "Header: Value"] | |
| # Examples: |
magnologan
/ Dockerfile with Bad Security Practices.txt
Created
May 8, 2024 14:21
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Dockerfile with Bad Security Practices | |
| # 1. Using a root user to run the container | |
| FROM ubuntu:latest | |
| USER root | |
| # 2. Installing all tools with one command | |
| # This approach often installs more than needed, increasing attack surface | |
| RUN apt-get update && apt-get install -y \ | |
| curl \ |
magnologan
/ mitre_attack_oneliners.sh
Created
June 29, 2023 17:16
— forked from thomaspatzke/mitre_attack_oneliners.sh
MITRE ATT&CK oneliners
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Requires: curl, jq | |
| # Download MITRE ATT&CK data from GitHub repository | |
| curl -o enterprise-attack.json https://raw.githubusercontent.com/mitre/cti/master/enterprise-attack/enterprise-attack.json | |
| # List all ATT&CK object types | |
| jq -r '[ .objects[].type ] | unique | .[]' enterprise-attack.json | |
| # List all ATT&CK technique identifiers | |
| jq -r '[ .objects[] | select(.type == "attack-pattern") | .external_references[] | select(.source_name == "mitre-attack") | .external_id ] | sort | .[]' enterprise-attack.json |
magnologan
/ Preparation to App Sec Engineer Interview and Questions
Created
April 8, 2023 18:12
— forked from themoonofendor/Preparation to App Sec Engineer Interview and Questions
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| - Threat Modelling / Code Review — | |
| Resources-for-Application-Security | |
| How to prepare for a security engineer interview by Eray Mitrani | |
| Security_Engineer_Interview_Questions by Tad Whitaker | |
| Security Engineer - Interview Questions by Namish |
magnologan
/ windows_hardening.cmd
Created
February 26, 2023 02:15
— forked from mackwage/windows_hardening.cmd
Script to perform some hardening of Windows OS
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| :: Windows 10 Hardening Script | |
| :: This is based mostly on my own personal research and testing. My objective is to secure/harden Windows 10 as much as possible while not impacting usability at all. (Think being able to run on this computer's of family members so secure them but not increase the chances of them having to call you to troubleshoot something related to it later on). References for virtually all settings can be found at the bottom. Just before the references section, you will always find several security settings commented out as they could lead to compatibility issues in common consumer setups but they're worth considering. | |
| :: Obligatory 'views are my own'. :) | |
| :: Thank you @jaredhaight for the Win Firewall config recommendations! | |
| :: Thank you @ricardojba for the DLL Safe Order Search reg key! | |
| :: Thank you @jessicaknotts for the help on testing Exploit Guard configs and checking privacy settings! | |
| :: Best script I've found for Debloating Windows 10: https://github.com/Sycnex/Windows10Debloater | |
| : |
magnologan
/ index.html
Created
January 12, 2023 14:03
— forked from looselytyped/index.html
Containers in 3 weeks — Week 1 (nginx test file)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!DOCTYPE html> | |
| <html lang="en"> | |
| <head> | |
| <!-- BLATANTLY STOLEN FROM https://getbootstrap.com/docs/4.1/examples/cover/ --> | |
| <title>Docker Workshop</title> | |
| <meta charset="utf-8"> | |
| <meta name="viewport" content="width=device-width, initial-scale=1"> | |
| <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css" integrity="sha384-MCw98/SFnGE8fJT3GXwEOngsV7Zt27NXFoaoApmYm81iuXoPkFOJwJ8ERdknLPMO" crossorigin="anonymous"> | |
| <style> | |
| /* |
magnologan
/ Setup.md
Created
January 12, 2023 14:02
— forked from looselytyped/Setup.md
Containers in 3 weeks - Set up
You will need Docker installed! Here is a link to get you started. Proceed after you are done installing.
NewerOlder