The Web3 Security Resources Hub is a comprehensive collection of curated tools, guides, and best practices for securing decentralized systems and smart contracts in the blockchain space.
Updated May 27, 2025
The purpose of this document is to outline the security risks and vulnerabilities that may arise when implementing AI in web applications and to provide best practices for mitigating these risks.
AI-ready Solidity style guide for Solidity 0.8.30: naming, layout, NatSpec, custom errors, ERC-7201 storage, transient storage, Foundry tests, gas & security. Ships Solhint + Prettier configs, Claude Code skill, AGENTS.md.
AWS multi-account setup via IaC, with scripts for bootstrapping and custom usage
Master the AZ-104 certification with a comprehensive guide that seamlessly integrates Azure administration expertise and DevOps best practices for cloud
Why Claude Code leaked: a deep dive into npm packaging failures, source map exposure, and modern supply chain security risks.
A PHP tool to lint PHP files for security issues based on CIS and OWASP best practices.
Enterprise-grade Cloud Deployment Showcase featuring production-ready patterns. Demonstrates container orchestration with Docker & Nginx, Infrastructure as Code (IaC), multi-cloud strategies, and advanced observability using Jaeger tracing and structured logging. Fully automated via GitHub Actions CI/CD.
Secure JWT Authentication with Refresh Token flow using ASP.NET Core Minimal API. Includes access token expiry handling, refresh token rotation, in-memory token store, middleware-based auth, and clean end-to-end API security implementation, ideal for learning modern backend authentication.
A model-agnostic security framework that brings secure-by-default practices to AI-assisted software development. This project provides a curated ruleset of security workflows, reusable command templates, and automated validations designed to catch misconfigurations, enforce compliance, and harden code during generation and review.
Personal cybersecurity repository of an ethical hacking expert, with guides on strengthening, customizing, and improving development environments.
Production-ready REST API template with TypeScript, security best practices, automated testing, CI/CD pipeline, and Docker. Built with Node.js + Express
The OpenSSL Key and Sign Utility is a Python script that provides a graphical user interface (GUI) for generating RSA key pairs, signing files, and verifying signatures using the OpenSSL command-line tool.
Secure Enterprise Auth Backend: JWT Rotation, Multi-device Sessions, and RBAC/ABAC Authorization. Built with TypeScript, FastAPI principles, and Prisma.
Azure Policy Governance and Compliance Automation framework, enabling seamless management, monitoring, and enforcement of policies in Azure
Security implementation guides covering modern security practices, authentication, authorization, and compliance frameworks
Full-stack Terraform deployment for RDS Proxy IAM Auth. Solves the documented 'SecretArn' API requirement contradiction.
This package helps administrators of Forgejo (or Git hosting platforms) generate clear, actionable anti-crawling measures by analyzing user-provided text inputs. When given a description of suspicious
A secure, production-grade DevSecOps pipeline for GKE Autopilot orchestrated via GitHub Actions and Terraform. This project implements a 'zero-trust' security model by leveraging Workload Identity Federation (WIF) to eliminate long-lived service account keys, ensuring a hardened CI/CD workflow from code commit to deployment.
Experience a detailed showcase of exploit discovery, analysis, reproduction, and documentation of five XSS vulnerabilities impacting an outdated WordPress version.