appsec.fyi
A curated collection of 2,000+ application security resources organized by vulnerability class and topic. Covers IDOR, XSS, SQL injection, XXE, SSRF, CSRF, RCE, AI security, OSINT, bug bounty, reconnaissance, fuzzing, Burp Suite, GraphQL, and more.
appsec.fyi
securityheaders.fyi
Security headers reference and configuration tool. Comprehensive guidance on implementing HTTP security headers like Content Security Policy (CSP), HTTP Strict Transport Security (HSTS), X-Frame-Options, and more.
securityheaders.fyi
ssl-config.fyi
SSL/TLS configuration generator and best practices guide. Helps developers and system administrators implement secure TLS configurations across different web servers and applications.
ssl-config.fyi
configurator.fyi
Configuration management and security hardening resources. Tools and guides for securely configuring applications, servers, and infrastructure components.
configurator.fyi
outofbits.com
Technical blog and security research. In-depth analysis of vulnerabilities, attack techniques, and defensive strategies in application security and beyond.
outofbits.com
security-builders.fyi
Resources and tools for building secure applications from the ground up. Practical guides for developers and security engineers focusing on secure development practices.
security-builders.fyi
Contact
Want to collaborate on security tools or resources? Get in touch or find me on LinkedIn.