4. Security & Compliance

Comprehensive diagnostics for iOS/macOS accessibility issues, ensuring WCAG compliance and App Store Review readiness.

Provides utilities for implementing privacy manifests, App Tracking Transparency UX, and Privacy Nutrition Labels as required by Apple's WWDC 2023 compliance standards.

Comprehensive reference for iOS file encryption and data protection APIs, including NSFileProtection and FileProtectionType for secure file storage.

Audits and fixes iOS accessibility issues to ensure compliance with WCAG standards and App Store requirements.

High-performance Rust hook that prevents execution of destructive commands in Claude Code using SIMD acceleration and whitelist-first security.

Generates self-signed SSL/TLS certificates with OpenSSL, including private keys, CSRs, and verification steps.

Provides core building blocks for Suricata signature creation and multi-condition deep packet inspection (DPI) logic.

Generates LibFuzzer-based fuzz drivers for Python libraries to identify security vulnerabilities through automated input testing.

Conducts SSH penetration testing including vulnerability assessment, configuration enumeration, and credential brute-forcing.

Enables rapid security analysis of network traffic captures (PCAPs) by extracting protocol details through tshark command-line tooling.

Analyzes offline PCAP files with Suricata and validates security events through structured eve.json output.

Expert guidance for OpenSSL operations including certificate generation, key management, and PKI infrastructure setup.

Enables implementation of safety interlocks and protective mechanisms in control systems to prevent equipment damage and ensure operational safety.

Provides Python utilities for analyzing network packet captures (PCAP) to compute traffic statistics and support security investigations.

Detects malicious network patterns including port scans, DoS attacks, and beaconing behavior using exact thresholds.

Conducts comprehensive codebase analysis to identify security vulnerabilities, technical debt, and assess code quality and maintainability.

Enables policy-based authorization with Pundit for resource access control and role-based permission management.

Tests for XML External Entity (XXE) vulnerabilities including file disclosure, SSRF, and denial of service in XML parsing endpoints.

Validates Cross-Site Scripting (XSS) vulnerabilities including Reflected, Stored, and DOM-based XSS via payload injection and execution observation.

Identifies security threats in agentic AI applications by applying the OWASP Top 10 for Agentic Applications framework.

Validates diverse injection vulnerabilities including SSTI, LDAP, XPath, and more across multiple CWEs for comprehensive security testing.

Tests for NoSQL injection vulnerabilities across MongoDB, Cassandra, CouchDB, and Redis, validating operator and query manipulation patterns.

Validates SQL injection vulnerabilities including blind, time-based, and error-based attacks across multiple database systems and CWE-89 patterns.

Validates authorization flaws including IDOR, privilege escalation, and missing access controls through lower-privileged credential testing.