diff --git a/docs/awesome/awesome-agi-cocosci.md b/docs/awesome/awesome-agi-cocosci.md
index 7ae23aca5a..392a0d3998 100644
--- a/docs/awesome/awesome-agi-cocosci.md
+++ b/docs/awesome/awesome-agi-cocosci.md
@@ -1338,7 +1338,7 @@ English-language description for use by biologists.
* [Human–machine collaboration for improving semiconductor process development](https://www.nature.com/articles/s41586-023-05773-7) - ***Nature***, 2023. [[All Versions](https://scholar.google.com/scholar?cluster=10295771969614897767)]. [[Nature News](https://www.nature.com/articles/d41586-023-01353-x)]. This work studies Bayesian optimization algorithms to investigate how artificial intelligence (AI) might decrease the cost of developing complex semiconductor chip processes. In particular, this work create a controlled virtual process game to systematically benchmark the performance of humans and computers for the design of a semiconductor fabrication process. The authors find that human engineers excel in the early stages of development, whereas the algorithms are far more cost-efficient near the tight tolerances of the target.
-* [A foundation model for generalizable disease detection from retinal images](https://www.nature.com/articles/s41586-023-06555-x) - ***Nature***, 2023. [[All Versions](https://scholar.google.com/scholar?cluster=3139988207343394501)].
+* [A foundation model for generalizable disease detection from retinal images](https://www.nature.com/articles/s41586-023-06555-x) - ***Nature***, 2023. [[All Versions](https://scholar.google.com/scholar?cluster=3139988207343394501)]. This paper presents RETFound, a foundation model for retinal images that learns generalizable representations from unlabelled retinal images and provides a basis for label-efficient model adaptation in several applications. Specifically, RETFound is trained on 1.6 million unlabelled retinal images by means of self-supervised learning and then adapted to disease detection tasks with explicit labels.
* [Accurate medium-range global weather forecasting with 3D neural networks](https://www.nature.com/articles/s41586-023-06185-3) - ***Nature***, 2023. [[All Versions](https://scholar.google.com/scholar?cluster=7198604620204619820&hl=en&as_sdt=0,5)].
diff --git a/docs/awesome/awesome-angular.md b/docs/awesome/awesome-angular.md
index 008e44fff6..fc7d4d06b8 100644
--- a/docs/awesome/awesome-angular.md
+++ b/docs/awesome/awesome-angular.md
@@ -770,6 +770,7 @@ become an Angular expert.
* [nglrx/pipes](https://github.com/nglrx/pipes) - A library of useful pipes for Angular apps.
* [ng-helpers](https://github.com/Jaspero/ng-helpers) - A collection of useful components, directives and pipes for Angular.
* [ng-condition](https://github.com/nigrosimone/ng-condition) - An alternative directive to `*ngIf; else` that simplifies conditions in HTML templates.
+* [ngx-sticky-kit](https://github.com/matheo/ngx-sticky-kit) - Angular Sticky makes HTML elements sticky. For instance, the header, the menu, the sidebar or any other block can be stuck at the desired position.
#### Drag and Drop
diff --git a/docs/awesome/awesome-astrophotography.md b/docs/awesome/awesome-astrophotography.md
index b38153cabd..f8d725b09f 100644
--- a/docs/awesome/awesome-astrophotography.md
+++ b/docs/awesome/awesome-astrophotography.md
@@ -19,6 +19,7 @@ Contributions are welcome. Please read the [contributing guideline](https://gith
- [Drift Alignment by Robert Vice (D.A.R.V)](https://www.cloudynights.com/articles/cat/articles/darv-drift-alignment-by-robert-vice-r2760) - Accurate alignment in just a matter of minutes.
- [Guide Scope vs. Off-Axis Guider: Which is Better for Astrophotography?](https://optcorp.com/blogs/deep-sky-imaging/guide-scope-vs-off-axis-guider) - Compares the two guiding options in details.
- [Guide to Focal Reducers for Astronomy](https://agenaastro.com/articles/focal-reducers-guide.html) - How focal reducers work, what types are there, and how to use them.
+- [Guide to Preprocessing of Raw Data With PixInsight](https://pixinsight.com/forum/index.php?threads/guide-to-preprocessing-of-raw-data-with-pixinsight.11547/) - Mistakes that happen during the pre-processing stages cannot be corrected anymore in post-processing. This guide from Bernd Landmann acquaints fellow astrophotographers with PixInsight's tools needed for recognising and avoiding such mistakes.
- [How to Set the Correct Back Focus](https://optcorp.com/blogs/deep-sky-imaging/how-to-set-the-correct-back-focus) - An easy to follow guide on what back focus is and how to set it.
- [Mastering Flat Frames: Gain matching](https://www.astroworldcreations.com/blog/understanding-flats-part-1-gain-matching) - This blog series by Willem Jan Drijfhout will take you on a deep dive into the topic of flat frames ([Part 2: Flat Panels compared](https://www.astroworldcreations.com/blog/understanding-flats-part-2-flat-panels-compared), and [Part 3: Bias, Flat-Darks and Conclusions](https://www.astroworldcreations.com/blog/understanding-flats-part3-conclusions)).
- [Optical Glass Types](https://www.stellarvue.com/optical-glass-types/) - What makes a top-tier telescope? This article will clear up some common misconceptions.
@@ -46,7 +47,7 @@ Contributions are welcome. Please read the [contributing guideline](https://gith
- [Andromeda Galaxy with only a Camera, Lens, & Tripod](https://www.youtube.com/watch?v=pXcRKoxTPVg) - A comprehensive step-by-step guide. Includes a follow-up videos on post-processing the images in different apps.
- [Astrophotography RGB histogram in nine minutes](https://www.youtube.com/watch?v=9rAoJ-VG860) - A lightning explanation of what a histogram is.
- [Capturing Galaxyset](https://www.paulschmitphotography.com/How-To-Guides/Capturing-Galaxyset) - A detailed tutorial on how to plan, execute and post-process a deepscape of the Andromeda galaxy aligned with a mountain in Southern Colorado.
-- [Chris White's Guide to Fixing Tilt and Spacing](https://www.overcastobservatory.com/product/guide-to-tilt-and-spacing-analysis/) - Annoying and hard to fix, tilt and spacing can ruin your imaging. This guide will help you eliminate them.
+- [Chris White's Guide to Fixing Tilt and Spacing](https://overcastobservatory.com/products/guide-to-tilt-and-spacing-analysis-download-link-in-listing) - Annoying and hard to fix, tilt and spacing can ruin your imaging. This guide will help you eliminate them.
- [Filters for Deep Sky Astrophotography](https://www.youtube.com/playlist?list=PLrzbdmripj1fIXrivZF1BT4BtJMZ6xvWo) - A video series that kicks off with a gentle introduction to filters and closes down comparing the most popular ones.
- [Harry's PixInsight tutorials](http://www.harrysastroshed.com/Pixinsighthome.html) - Newcomer friendly, down-to-earth and comprehensive video tutorials.
- [How to Eliminate Star Halos in PixInsight](https://digitalstars.wordpress.com/2019/10/27/tutorial-how-to-eliminate-star-halos-in-pixinsight/) - One of the more challenging issues in astrophotography. Charles Bracken, the author of "The Deep-Sky Imaging Primer", has you covered.
diff --git a/docs/awesome/awesome-audit-algorithms.md b/docs/awesome/awesome-audit-algorithms.md
index 66210df81a..5060377143 100644
--- a/docs/awesome/awesome-audit-algorithms.md
+++ b/docs/awesome/awesome-audit-algorithms.md
@@ -22,6 +22,7 @@ to the capacity of the targeted models, using the Rademacher complexity.*
- [Improved Membership Inference Attacks Against Language Classification Models](https://arxiv.org/pdf/2310.07219.pdf) - (ICLR) *Presents a framework for running membership inference attacks against classifier, in audit mode.*
- [Auditing Fairness by Betting](https://arxiv.org/pdf/2305.17570.pdf) - (Neurips) [[Code]](https://github.com/bchugg/auditing-fairness) *Sequential methods that allows for the continuous monitoring of incoming data from a black-box classifier or regressor.*
### 2023
+- [Privacy Auditing with One (1) Training Run](https://neurips.cc/virtual/2023/poster/70925) - (NeurIPS - best paper) *A scheme for auditing differentially private machine learning systems with a single training run.*
- [XAudit : A Theoretical Look at Auditing with Explanations](https://arxiv.org/pdf/2206.04740.pdf) - (Arxiv) *Formalizes the role of explanations in auditing and investigates if and how model explanations
can help audits.*
- [Keeping Up with the Language Models: Robustness-Bias Interplay in NLI Data and Models](https://arxiv.org/pdf/2305.12620.pdf) - (Arxiv) *Proposes a way to extend the shelf-life of auditing datasets by using language models themselves; also finds problems with the current bias auditing metrics and proposes alternatives -- these alternatives highlight that model brittleness superficially increased the previous bias scores.*
diff --git a/docs/awesome/awesome-dotnet-core.md b/docs/awesome/awesome-dotnet-core.md
index 4e4e2613d3..57415023df 100644
--- a/docs/awesome/awesome-dotnet-core.md
+++ b/docs/awesome/awesome-dotnet-core.md
@@ -585,6 +585,7 @@ Follows best practices and conventions to provide you a SOLID development experi
* [MicroBus](https://github.com/Lavinski/Enexure.MicroBus) - Simple in process mediator for .NET.
* [MQTTnet](https://github.com/chkr1011/MQTTnet) - MQTTnet is a high performance .NET library for MQTT based communication.
* [netmq](https://github.com/zeromq/netmq) - 100% native C# implementation of ZeroMQ for .NET.
+* [NServiceBus](https://github.com/particular/nservicebus) - NServiceBus is part of the [Particular Service Platform](https://particular.net/service-platform), which contains tools to build, monitor, and debug distributed systems.
* [OpenCQRS](https://github.com/OpenCQRS/OpenCQRS) - .NET Core library for DDD, CQRS and Event Sourcing with Azure Service Bus integration. Supported database providers for the Command and the Event stores are: DocumentDB, MongoDB, SQL Server, MySQL, PostgreSQL and SQLite.
* [rabbitmq-dotnet-client](https://github.com/rabbitmq/rabbitmq-dotnet-client) - RabbitMQ .NET client [https://www.rabbitmq.com](https://www.rabbitmq.com).
* [RawRabbit](https://github.com/pardahlman/RawRabbit) - Modern .NET framework for communication over RabbitMq.
diff --git a/docs/awesome/awesome-iam.md b/docs/awesome/awesome-iam.md
index c046e4411b..bb15e77ad3 100644
--- a/docs/awesome/awesome-iam.md
+++ b/docs/awesome/awesome-iam.md
@@ -318,45 +318,51 @@ As a concept, access control policies can be designed to follow very different a
- [In Search For a Perfect Access Control System](https://goteleport.com/blog/access-controls/) - The historical origins of authorization schemes. Hints at the future of sharing, trust and delegation between different teams and organizations.
-- [AWS IAM Roles, a tale of unnecessary complexity](https://infosec.rodeo/posts/thoughts-on-aws-iam/) - The history of fast-growing AWS explains how the current scheme came to be, and how it compares to GCP's resource hierarchy.
-
- [GCP's IAM syntax is better than AWS's](https://ucarion.com/iam-operation-syntax) - The minutiae of permission design in GCP improves the developer's experience.
- [Semantic-based Automated Reasoning for AWS Access Policies using SMT](https://d1.awsstatic.com/Security/pdfs/Semantic_Based_Automated_Reasoning_for_AWS_Access_Policies_Using_SMT.pdf) - Zelkova is how AWS does it. This system perform symbolic analysis of IAM policies, and solve the reachability of resources according user's rights and access constraints. Also see the higher-level [introduction given at re:inforce 2019](https://youtu.be/x6wsTFnU3eY?t=2111).
-- [Zanzibar: Google's Consistent, Global Authorization System](https://ai.google/research/pubs/pub48190) - Scales to trillions of access control lists and millions of authorization requests per second to support services used by billions of people. It has maintained 95th-percentile latency of less than 10 milliseconds and availability of greater than 99.999% over 3 years of production use. [Other bits not in the paper](https://twitter.com/LeaKissner/status/1136626971566149633). [Zanzibar Academy](https://zanzibar.academy/) is a site dedicated to explaining how Zanzibar works.
+- [Authorization Academy](https://www.osohq.com/academy) - An in-depth, vendor-agnostic treatment of authorization that emphasizes mental models. This guide shows the reader how to think about their authorization needs in order to make good decisions about their authorization architecture and model.
-- [SpiceDB](https://github.com/authzed/spicedb) - An open source database system for managing security-critical application permissions inspired by Zanzibar.
+- [Service-to-service authorization: A guide to non-user principals](https://www.cerbos.dev/blog/service-to-service-authorization) - Discover how assigning identities to services (non-user principals) can simplify authentication, enhance security, and streamline authorization in complex distributed systems. A useful guide for IAM teams managing microservices and APIs.
-- Description of an [authz system that is built around labeled security and RBAC concepts](https://news.ycombinator.com/item?id=20136831).
+### RBAC frameworks
-- [Authorization Academy](https://www.osohq.com/academy) - An in-depth, vendor-agnostic treatment of authorization that emphasizes mental models. This guide shows the reader how to think about their authorization needs in order to make good decisions about their authorization architecture and model.
+[Role-Based Access Control](https://en.wikipedia.org/wiki/Role-based_access_control) is the classical model to map users to permissions by the way of roles.
+
+- [Athenz](https://github.com/yahoo/athenz) - Set of services and libraries supporting service authentication and role-based authorization for provisioning and configuration.
-### Open-source policy frameworks
+- [Biscuit](https://www.clever-cloud.com/blog/engineering/2021/04/12/introduction-to-biscuit/) - Biscuit merge concepts from cookies, JWTs, macaroons and Open Policy Agent. “It provide a logic language based on Datalog to write authorization policies. It can store data, like JWT, or small conditions like Macaroons, but it is also able to represent more complex rules like role-based access control, delegation, hierarchies.”
-Collection of open-source projects if you're looking to roll your own policy implementation.
+- [Oso](https://github.com/osohq/oso) - A batteries-included library for building authorization in your application.
+
+- [Cerbos](https://github.com/cerbos/cerbos) - An authorization endpoint to write context-aware access control policies.
+
+### ABAC frameworks
+
+[Attribute-Based Access Control](https://en.wikipedia.org/wiki/Attribute-based_access_control) is an evolution of RBAC, in which roles are replaced by attributes, allowing the implementation of more complex policy-based access control.
- [Keto](https://github.com/ory/keto) - Policy decision point. It uses a set of access control policies, similar to AWS policies, in order to determine whether a subject is authorized to perform a certain action on a resource.
- [Ladon](https://github.com/ory/ladon) - Access control library, inspired by AWS.
-- [Athenz](https://github.com/yahoo/athenz) - Set of services and libraries supporting service authentication and role-based authorization (RBAC) for provisioning and configuration.
-
- [Casbin](https://github.com/casbin/casbin) - Open-source access control library for Golang projects.
-- [Open Policy Agent](https://github.com/open-policy-agent/opa) - An open-source general-purpose decision engine to create and enforce attribute-based access control (ABAC) policies.
+- [Open Policy Agent](https://github.com/open-policy-agent/opa) - An open-source general-purpose decision engine to create and enforce ABAC policies.
-- [Topaz](https://github.com/aserto-dev/topaz) - An open-source project which combines the policy-as-code and decision logging of OPA with a Zanzibar-modeled directory.
+### ReBAC frameworks
-- [Open Policy Administration Layer](https://github.com/permitio/opal) - Open Source administration layer for OPA, detecting changes to both policy and policy data in realtime and pushing live updates to OPA agents. OPAL brings open-policy up to the speed needed by live applications.
+The [Relationship-Based Access Control](https://en.wikipedia.org/wiki/Relationship-based_access_control) model is a more flexible and powerful version of RBAC and is the preferred one for cloud systems.
+
+- [Zanzibar: Google's Consistent, Global Authorization System](https://ai.google/research/pubs/pub48190) - Scales to trillions of access control lists and millions of authorization requests per second to support services used by billions of people. It has maintained 95th-percentile latency of less than 10 milliseconds and availability of greater than 99.999% over 3 years of production use. [Other bits not in the paper](https://twitter.com/LeaKissner/status/1136626971566149633). [Zanzibar Academy](https://zanzibar.academy/) is a site dedicated to explaining how Zanzibar works.
-- [Gubernator](https://github.com/mailgun/gubernator) - High performance rate-limiting micro-service and library.
+- [SpiceDB](https://github.com/authzed/spicedb) - An open source database system for managing security-critical application permissions inspired by Zanzibar.
-- [Biscuit](https://www.clever-cloud.com/blog/engineering/2021/04/12/introduction-to-biscuit/) - Biscuit merge concepts from cookies, JWTs, macaroons and Open Policy Agent. “It provide a logic language based on Datalog to write authorization policies. It can store data, like JWT, or small conditions like Macaroons, but it is also able to represent more complex rules like role-based access control, delegation, hierarchies.”
+- [Permify](https://github.com/Permify/permify) - Another open-source authorization as a service inspired by Google Zanzibar, and see [how it compares to other Zanzibar-inspired tools](https://permify.notion.site/Differentiation-Between-Zanzibar-Products-ad4732da62e64655bc82d3abe25f48b6).
-- [Oso](https://github.com/osohq/oso) - A batteries-included library for building authorization in your application.
+- [Topaz](https://github.com/aserto-dev/topaz) - An open-source project which combines the policy-as-code and decision logging of OPA with a Zanzibar-modeled directory.
-- [Cerbos](https://github.com/cerbos/cerbos) - An authorization endpoint to write context-aware access control policies.
+- [Open Policy Administration Layer](https://github.com/permitio/opal) - Open Source administration layer for OPA, detecting changes to both policy and policy data in realtime and pushing live updates to OPA agents. OPAL brings open-policy up to the speed needed by live applications.
- [Warrant](https://github.com/warrant-dev/warrant) - A relationship based access control (ReBAC) engine (inspired by Google Zanzibar) also capable of enforcing any authorization paradigm, including RBAC and ABAC.
@@ -364,16 +370,14 @@ Collection of open-source projects if you're looking to roll your own policy imp
Tools and resources exclusively targeting the [AWS IAM policies](http://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html) ecosystem.
+- [An AWS IAM Security Tooling Reference](https://ramimac.me/aws-iam-tools-2024) - A comprehensive list of (maintained) tools for AWS IAM.
+
- [Become an AWS IAM Policy Ninja](https://www.youtube.com/watch?v=y7-fAT3z8Lo) - “In my nearly 5 years at Amazon, I carve out a little time each day, each week to look through the forums, customer tickets to try to find out where people are having trouble.”
-- [Cloudsplaining](https://github.com/salesforce/cloudsplaining) - Security assessment tool that identifies violations of least privilege and generates a risk-prioritized report.
+- [AWS IAM Roles, a tale of unnecessary complexity](https://infosec.rodeo/posts/thoughts-on-aws-iam/) - The history of fast-growing AWS explains how the current scheme came to be, and how it compares to GCP's resource hierarchy.
- [Policy Sentry](https://github.com/salesforce/policy_sentry) - Writing security-conscious IAM Policies by hand can be very tedious and inefficient. Policy Sentry helps users to create least-privilege policies in a matter of seconds.
-- [Aardvark and Repokid](https://netflixtechblog.com/introducing-aardvark-and-repokid-53b081bf3a7e) - Netflix tools to enforce least privilege on AWS. The idea is that the default policy on new things is deny all, and then it monitors cloudtrail for privilege failures and reconfigures IAM to allow the smallest possible privilege to get rid of that deny message.
-
-- [Principal Mapper](https://github.com/nccgroup/PMapper) - Quickly evaluates permissions.
-
- [PolicyUniverse](https://github.com/Netflix-Skunkworks/policyuniverse) - Parse and process AWS policies, statements, ARNs, and wildcards.
- [IAM Floyd](https://github.com/udondan/iam-floyd) - AWS IAM policy statement generator with fluent interface. Helps with creating type safe IAM policies and writing more restrictive/secure statements by offering conditions and ARN generation via IntelliSense. Available for Node.js, Python, .Net and Java.
@@ -382,8 +386,6 @@ Tools and resources exclusively targeting the [AWS IAM policies](http://docs.aws
- [IAMbic](https://github.com/noqdev/iambic) - GitOps for IAM. The Terraform of Cloud IAM. IAMbic is a multi-cloud identity and access management (IAM) control plane that centralizes and simplifies cloud access and permissions. It maintains an eventually consistent, human-readable, bi-directional representation of IAM in version control.
-- [aws-lint-iam-policies](https://github.com/welldone-cloud/aws-lint-iam-policies) - Runs IAM policy linting checks against either a single AWS account or all accounts of an AWS Organization. Reports on policies that violate security best practices or contain errors. Supports both identity-based and resource-based policies.
-
### Macaroons
A clever curiosity to distribute and delegate authorization.
@@ -394,6 +396,10 @@ A clever curiosity to distribute and delegate authorization.
- [Google paper's author compares Macaroons and JWTs](https://news.ycombinator.com/item?id=14294463) - As a consumer/verifier of macaroons, they allow you (through third-party caveats) to defer some authorization decisions to someone else. JWTs don't.
+### Other tools
+
+- [Gubernator](https://github.com/gubernator-io/gubernator) - High performance rate-limiting micro-service and library.
+
## OAuth2 & OpenID
[OAuth 2.0](https://en.wikipedia.org/wiki/OAuth#OAuth_2.0) is a *delegated authorization* framework. [OpenID Connect (OIDC)](https://en.wikipedia.org/wiki/OpenID_Connect) is an *authentication* layer on top of it.
@@ -412,7 +418,7 @@ The old *OpenID* is dead; the new *OpenID Connect* is very much not-dead.
- [OAuth in one picture](https://mobile.twitter.com/kamranahmedse/status/1276994010423361540) - A nice summary card.
-- [How to Implement a Secure Central Authentication Service in Six Steps](https://engineering.shopify.com/blogs/engineering/implement-secure-central-authentication-service-six-steps) - Got multiple legacy systems to merge with their own login methods and accounts? Here is how to merge all that mess by the way of OIDC.
+- [How to Implement a Secure Central Authentication Service in Six Steps](https://shopify.engineering/implement-secure-central-authentication-service-six-steps) - Got multiple legacy systems to merge with their own login methods and accounts? Here is how to merge all that mess by the way of OIDC.
- [Open-Sourcing BuzzFeed's SSO Experience](https://increment.com/security/open-sourcing-buzzfeeds-single-sign-on-process/) - OAuth2-friendly adaptation of the Central Authentication Service (CAS) protocol. You'll find there good OAuth user flow diagrams.
@@ -436,6 +442,8 @@ The old *OpenID* is dead; the new *OpenID Connect* is very much not-dead.
- [Logto](https://github.com/logto-io/logto) - Build the sign-in, auth, and user identity with this OIDC-based identity service.
+- [Authgear](https://github.com/authgear/authgear-server) - Open-source authentication-as-a-service solution. It includes the code for the server, AuthUI, the Portal, and Admin API.
+
- [The Decline of OpenID](https://penguindreams.org/blog/the-decline-of-openid/) - OpenID is being replaced in the public web to a mix of OAuth 1, OAuth 2 or other proprietary SSO protocols.
- [Why Mastercard Doesn't Use OAuth 2.0](https://developer.mastercard.com/blog/why-mastercard-doesnt-use-oauth-20) - “They did this to provide message-level integrity. OAuth 2 switched to transport-level confidentiality/integrity.” (which TLS provides) ([source](https://news.ycombinator.com/item?id=17486165)).
@@ -532,7 +540,7 @@ Most businesses do not collect customer's identity to create user profiles to se
- [Statistically Likely Usernames](https://github.com/insidetrust/statistically-likely-usernames) - Wordlists for creating statistically likely usernames for use in username-enumeration, simulated password-attacks and other security testing tasks.
-- [Facebook Dangerous Individuals and Organizations List](https://theintercept.com/document/2021/10/12/facebook-dangerous-individuals-and-organizations-list-reproduced-snapshot/) - Some groups and content are illegal in some juridictions. This is an example of a blocklist.
+- [Facebook Dangerous Individuals and Organizations List](https://theintercept.com/document/facebook-dangerous-individuals-and-organizations-list-reproduced-snapshot/) - Some groups and content are illegal in some juridictions. This is an example of a blocklist.
- [Ballerine](https://github.com/ballerine-io/ballerine) - An open-source infrastructure for user identity and risk management.
@@ -558,8 +566,6 @@ Any online communities, not only those related to gaming and social networks, re
- [You either die an MVP or live long enough to build content moderation](https://mux.com/blog/you-either-die-an-mvp-or-live-long-enough-to-build-content-moderation/) - “You can think about the solution space for this problem by considering three dimensions: cost, accuracy and speed. And two approaches: human review and machine review. Humans are great in one of these dimensions: accuracy. The downside is that humans are expensive and slow. Machines, or robots, are great at the other two dimensions: cost and speed - they're much cheaper and faster. But the goal is to find a robot solution that is also sufficiently accurate for your needs.”
-- [Keep out the bad apples: How to moderate a marketplace](https://www.twosided.io/p/keep-out-the-bad-apples-how-to-moderate) - “With great power comes great responsibility. Some of my tips and tricks to make your marketplace a safer place.”
-
- [The despair and darkness of people will get to you](https://restofworld.org/2020/facebook-international-content-moderators/) - Moderation of huge social networks is performed by an army of outsourced subcontractors. These people are exposed to the worst and generally ends up with PTSD.
- [The Cleaners](https://thoughtmaybe.com/the-cleaners/) - A documentary on these teams of underpaid people removing posts and deleting accounts.
@@ -702,8 +708,6 @@ The well-known European privacy framework
- [GDPR – A Practical guide for Developers](https://techblog.bozho.net/gdpr-practical-guide-developers/) - A one-page summary of the above.
-- [GDPR Tracker](https://gdprtracker.io) - Track the GDPR compliance of cloud services and subprocessors.
-
- [GDPR documents](https://github.com/good-lly/gdpr-documents) - Templates for personal use to have companies comply with "Data Access" requests.
- [Dark Patterns after the GDPR](https://arxiv.org/pdf/2001.02479.pdf) - This paper demonstrates that, because of the lack of GDPR law enforcements, dark patterns and implied consent are ubiquitous.
diff --git a/docs/awesome/awesome-malware-persistence.md b/docs/awesome/awesome-malware-persistence.md
index 425fc88e92..183cd583f0 100644
--- a/docs/awesome/awesome-malware-persistence.md
+++ b/docs/awesome/awesome-malware-persistence.md
@@ -24,6 +24,8 @@ _Persistence techniques and detection._
* [Linux Malware Persistence with Cron](https://www.sandflysecurity.com/blog/linux-malware-persistence-with-cron/) - Blog post about linux persistence using cron jobs.
* [Linux Persistence Techniques](https://research.splunk.com/stories/linux_persistence_techniques/) - List of persistence techniques.
* [Linux Red Team Persistence Techniques](https://www.linode.com/docs/guides/linux-red-team-persistence-techniques/) - List of persistence techniques.
+* [PANIX - Persistence Against *NIX - Features](https://github.com/Aegrah/PANIX?tab=readme-ov-file#features) - List of persistence techniques.
+* [Linux Detection Engineering - A primer on persistence mechanisms](https://www.elastic.co/security-labs/primer-on-persistence-mechanisms) - List of Linux persistence mechanisms.
* [ebpfkit](https://github.com/Gui774ume/ebpfkit) - Rootkit leveraging eBPF.
* [TripleCross](https://github.com/h3xduck/TripleCross) - Rootkit leveraging eBPF.
@@ -55,6 +57,7 @@ _Persistence techniques and detection._
### Cloud
* [Shadow Linking: The Persistence Vector of SaaS Identity Threat](https://www.obsidiansecurity.com/blog/shadow-linking-the-persistence-vector-of-saas-identity-threat/) - Abuse of additional identity providers to persist in an environment.
+* [Persisting on Entra ID applications and User Managed Identities with Federated Credentials](https://dirkjanm.io/persisting-with-federated-credentials-entra-apps-managed-identities/) - Persist on Entra ID applications and User Managed Identities with Federated Credentials.
### Firmware
@@ -68,6 +71,7 @@ _Tools and commands for persistence mechanisms removal. Beside the tools mention
* [Awesome Incident Response](https://github.com/meirwah/awesome-incident-response) - Use the tools and resources for security incident response, aimed to help security analysts and DFIR teams.
### Windows
+
* [PowerSponse](https://github.com/swisscom/PowerSponse) - PowerSponse includes various commands for cleanup of persistence mechanisms.
* [Removing Backdoors – Powershell Empire Edition](https://www.n00py.io/2017/01/removing-backdoors-powershell-empire-edition/) - Various blog posts handle the removal of WMI implants.
* [RegDelNull](https://docs.microsoft.com/en-us/sysinternals/downloads/regdelnull) - Removal of registry keys with null bytes - used e.g. in run keys for evasion.
@@ -79,6 +83,7 @@ _Tools for testing detections. Use the techniques described in [Persistence Tech
* [Atomic Red Team](https://github.com/redcanaryco/atomic-red-team) - Atomic Red Team supports also the MITRE ATT&CK persistence techniques, see e.g. [T1044 "File System Permissions Weakness"](https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1044/T1044.yaml).
* [hasherezade persistence demos](https://github.com/hasherezade/persistence_demos) - Various (also non standard) persistence methods used by malware for testing own detection, among others COM hijacking demo is found in the repo.
* [PoisonApple](https://github.com/CyborgSecurity/PoisonApple) - Perform various persistence techniques on macOS.
+* [PANIX](https://github.com/Aegrah/PANIX) - A highly customizable Linux persistence tool. Perform various persistence techniques against Linux systems, among others Debian and RHEL.
## Prevention
diff --git a/docs/awesome/awesome-slack.md b/docs/awesome/awesome-slack.md
index a672586b46..9fc39434bd 100644
--- a/docs/awesome/awesome-slack.md
+++ b/docs/awesome/awesome-slack.md
@@ -1,157 +1,73 @@
-
-[](https://github.com/sindresorhus/awesome)
-
-
- 
-
-
-
-
Awesome Slack
-
-
-
- A curated list of awesome, Slack-related things.
-
-
-***
-
-An avid Slack user? A developer looking for awesome tools to build out an integration? Just looking for inspiration? This is a list of all the best things Slack.
-
-
-## :pencil: Lists
-- [Community-Built Libraries](https://api.slack.com/community) - Slack-curated list of community open-source libraries
-- [Slack App Directory](https://slack.com/apps) - Official directory of publicly available Slack apps
-- [Slack Emojis](https://emoji.gg) - Unofficial directory of custom emojis for Slack
-
-## :art: Themes
-
-- [Slack Themes](http://slackthemes.net/) - A Slack sidebar theme browser
-- [Sweet Themes Are Made of These](http://sweetthemesaremadeofthe.se/) - Website for sharing Slack custom palettes
-
-## :hammer_and_wrench: Libraries and SDKs
-
-### C#
-
-- [margiebot](https://github.com/jammerware/margiebot) - A .NET library designed to make building bots for Slack fast, easy, and fun
-- [Slack.Webhooks](https://github.com/nerdfury/Slack.Webhooks) - A library to work with Slack webhooks more easily
-- [SlackAPI](https://github.com/Inumedia/SlackAPI) - A third-party implementation of Slack's API written in C#
-
-### Erlang
-
-- [slacker](https://github.com/julienXX/slacker) - Erlang Slack REST API wrapper
-
-### Go
-
-- [webhook](https://github.com/adnanh/webhook) - Easily run commands in response to HTTP webhook requests from Slack
-
-### Java
-
-- [java-slack-sdk](https://github.com/slackapi/java-slack-sdk) - Slack's official Java framework for building Slack apps
-- [simple-slack-api](https://github.com/Ullink/simple-slack-api) - A Slack client library in Java
-
-### JavaScript/TypeScript
-
-- [bolt-js](https://github.com/slackapi/bolt-js) - Slack's official JavaScript framework for building Slack apps
-- [jsx-slack](https://github.com/yhatt/jsx-slack) - Build JSON object for Slack Block Kit surfaces from JSX
-- [node-slack-sdk](https://github.com/slackapi/node-slack-sdk) - Slack's official SDK for Node.js
-- [slack-block-builder](https://github.com/raycharius/slack-block-builder) - Lightweight Node.js library for building Slack Block Kit UIs, with a declarative syntax inspired by SwiftUI
-
-### PHP
-
-- [SlackBundle](https://github.com/DZunke/SlackBundle) - SlackBundle for Symfony2
-- [slack-php-app-framework](https://github.com/slack-php/slack-php-app-framework) - Robust PHP framework for building Slack apps in PHP
-- [slack-php-block-kit](https://github.com/jeremeamia/slack-block-kit) - Fluent interface for composing Slack Block Kit messages and modals in PHP
-- [slack-php-socket-mode](https://github.com/slack-php/slack-php-socket-mode) - A Socket Mode implementation for [slack-php-app-framework](https://github.com/slack-php/slack-php-app-framework)
-- [slack-php-slick](https://github.com/slack-php/slack-php-slick) - Dependency-free micro-framework for building Slack apps in PHP
-
-### PowerShell
-
-- [PSSlack](https://github.com/RamblingCookieMonster/PSSlack) - PowerShell module for simple Slack integration.
-
-### Python
-
-- [blockkit](https://github.com/imryche/blockkit) - A fast way to build Block Kit interfaces in Python
-- [bolt-python](https://github.com/slackapi/bolt-python) - Slack's official Python framework for building Slack apps
-- [django-slack](https://github.com/lamby/django-slack) - Slack integration for Django, using the templating engine to generate messages
-- [django-slack-oauth](https://github.com/izdi/django-slack-oauth) - Slack OAuth module for Django
-- [python-slack-events-api](https://github.com/slackapi/python-slack-events-api) - Slack Events API adapter for Python
-- [python-slack-sdk](https://github.com/slackapi/python-slack-sdk) - Slack's official SDK for Python
-- [slackblocks](https://github.com/nicklambourne/slackblocks) - Python API for building Slack Block Kit messages
-- [slack-php-api](https://github.com/jolicode/slack-php-api) - PHP Slack client based on the official OpenAPI specification
-- [slacker-cli](https://github.com/juanpabloaj/slacker-cli) - Messages to slack from the command line
-- [slashbot](https://github.com/ebrassell/slashbot) - An easy way to create slash commands using AWS Lambda functions
-- [boltworks](https://github.com/YSaxon/boltworks) - Extensions to Slack's bolt framework: expandable GUIs, easier callbacks, richer CLIs
-
-### R
-
-- [slackr](https://github.com/hrbrmstr/slackr) - A package to send webhook API messages to Slack channels/users from R
-
-### Ruby
-
-- [slack-notifier](https://github.com/stevenosloan/slack-notifier) - A simple wrapper for posting to Slack
-- [slack-notify](https://github.com/sosedoff/slack-notify) - Send notifications to Slack
-- [slack-poster](https://github.com/rikas/slack-poster) - Simple gem to post messages on Slack using webhooks
-- [slack-ruby-block-kit](https://github.com/CGA1123/slack-ruby-block-kit) - A ruby wrapper for Slack's Block Kit
-- [slack-ruby-bot](https://github.com/dblock/slack-ruby-bot) - The easiest way to write a Slack bot in Ruby
-- [slack-ruby-bot-server](https://github.com/slack-ruby/slack-ruby-bot-server) - Ruby library for building Slack applications
-- [slack-ruby-client](https://github.com/dblock/slack-ruby-client) - A Ruby client for the Slack Web and RealTime Messaging APIs
-
-### Rust
-
-- [slack-morphism-rust](https://github.com/abdolence/slack-morphism-rust) - A modern async Slack API client for Rust
-
-### Scala
-
-- [slack-scala-client](https://github.com/gilbertw1/slack-scala-client) - A Scala Slack client for the Web and RTM API
-
-### Swift
-
-- [SwiftBlocksUI](https://github.com/SwiftBlocksUI/SwiftBlocksUI/) - Interactive Slack messages and modals using a SwiftUI-like declarative style
-
-## :gear: Open-Source Slack Apps and Integrations
-
-### CoffeeScript
-
-- [jinora](https://github.com/sdslabs/jinora) - Slack webhook app to create anonymous public channels
-
-### Java
-
-- [simple-slack-api](https://github.com/Ullink/simple-slack-api) - A Slack client library in Java
-- [tasks-app](https://github.com/slackapi/tasks-app) - Simple task management app produced by Slack
-
-### JavaScript/Typescript
-
-- [definition-app](https://github.com/slackapi/definition-app) - App for storing and accessing company-specific phrases
-- [slack-github-action](https://github.com/slackapi/slack-github-action) - Send data into Slack using this GitHub Action
-- [slack-reporting-tool](https://github.com/slackapi/slack-reporting-tool) - App that allows team members to report offensive messages
-- [tesla-slack](https://github.com/heikkipora/tesla-slack) - Track your Tesla from Slack
-- [tasks-app](https://github.com/slackapi/tasks-app) - Simple task management app produced by Slack
-
-### PHP
-
-- [MantisBT-Slack](https://github.com/infojunkie/MantisBT-Slack) - MantisBT plugin to send bug updates to Slack
-- [monolog](https://github.com/Seldaek/monolog) - Sends your logs to Slack
-
-### Python
-
-- [slackbot](https://github.com/lins05/slackbot) - A chat bot for Slack
-- [slacker-cli](https://github.com/juanpabloaj/slacker-cli) - Messages to slack from the command line
-- [tasks-app](https://github.com/slackapi/tasks-app) - Simple task management app produced by Slack
-- [wee-slack](https://github.com/rawdigits/wee-slack) - A WeeChat plugin for Slack
-
-### Ruby
-
-- [slack-gamebot](https://github.com/dblock/slack-gamebot) - A game bot for Slack
-- [snarkov](https://github.com/gesteves/snarkov) - Sinatra-based Markov bot for Slack
-- [tickbot](https://github.com/barryf/tickbot) - Simple team time tracking reminder
-- [trebekbot](https://github.com/gesteves/trebekbot) - A Jeopardy! bot for Slack
-
-## :busts_in_silhouette: Contributions
-
-Contributions are always welcome! Please read the [contribution guidelines](https://github.com/matiassingers/awesome-slack/blob/master/contributing.md) first.
-
-## :classical_building: License
-
-[](http://creativecommons.org/publicdomain/zero/1.0/)
-
-To the extent possible under law, [Matias Singers](http://mts.io) has waived all copyright and related or neighboring rights to this work.
+
+## Awesome Slack Communities [](https://github.com/sindresorhus/awesome)
+[](https://travis-ci.org/filipelinhares/awesome-slack)
+
+A list of communities about web development and design that are powered by **Slack**.
+
+## What's Slack
+> Slack is a platform for team communication: everything in one place, instantly searchable, available wherever you go. *- slack.com*
+
+
+## Development
+- [Ember](https://ember-community-slackin.herokuapp.com/)
+- [Laravel](https://larachat.co/)
+- [Ruby](https://rubydevelopers.typeform.com/to/l7WVWl)
+- [Front end](https://frontenddevelopers.org/)
+- [Android](https://androidchat.co/)
+- [GO](https://docs.google.com/forms/d/e/1FAIpQLScNsNXbz2SCLH5hVNoZS0C70nPAXv730SW9F3K1g6iVvlcUTg/viewform?fbzx=4754263898376949596)
+- [PHP Chat](https://phpchat.co)
+- [Clojure](http://clojurians.net/)
+- [iOS Developers](https://ios-developers.io/)
+- [Elixir](https://elixir-slackin.herokuapp.com/)
+- [slashrocket](https://slashrocket.io/)
+- [Cordova](http://slack.cordova.io/)
+- [Python Community](https://pythoncommunity.herokuapp.com/)
+- [CFML/ColdFusion](https://cfml-slack.herokuapp.com/)
+
+
+## Regional
+- [Australia & New Zealand](http://devanz.co)
+- [Les Pitonneux - Montreal QC Canada](https://pitonneux.slack.com)
+- [Python Brazilian Community](http://slack-pythonbrasil.herokuapp.com/)
+- [Remote workers in Romania](https://github.com/filipelinhares/awesome-slack/blob/master/weworkremotely.slack.com/)
+- [Russian-speaking developers community](https://rusdevs.herokuapp.com/)
+- [Kazan Developers](https://devkzn.slack.com/)
+- [Polish developers](http://slackin.devstyle.pl/)
+- [Spanish-speaking developer communities list](https://github.com/comunidad-tecnologica/awesome-spanish-slack-dev-groups)
+- [Ruby Turkey Community](https://rubytr.herokuapp.com/)
+- [Rochester NY USA Developers (RocDev)](https://rocdev.org/)
+- [Vancouver Developers (yvrdev)](https://yvrdev.slack.com/)
+
+## Design
+- [Sketch](http://teamsketch.io/)
+- [Design Talks](https://docs.google.com/forms/d/e/1FAIpQLSeKT_LC8kKTzJ4JjmgVQVpfl24i1qBkjJ7TYyQcNHL7fBQkYQ/viewform?c=0&w=1)
+- [Designer Hangout](https://www.designerhangout.co/)
+
+## Misc
+- [WordPress](https://make.wordpress.org/chat/)
+- [Chit Chats](http://www.chitchats.co/)
+- [The Evangelist Collective](https://github.com/evangelistcollective/)
+- [Psychedelic Chat](http://psychedelicchat.com/)
+- [LGBTQ in Technology](https://lgbtq.technology/)
+- [#Startup](http://startup.chat)
+- [Safelight](http://safelight.herokuapp.com/) - Photography.
+- [DFIR Community](https://rishi28.typeform.com/to/sTbTI8) - Information Security.
+- [First Contributors](https://firstcontributors.slack.com/join/shared_invite/enQtNjkxNzQwNzA2MTMwLTVhMWJjNjg2ODRlNWZhNjIzYjgwNDIyZWYwZjhjYTQ4OTBjMWM0MmFhZDUxNzBiYzczMGNiYzcxNjkzZDZlMDM#/) - Help / mentorship for open source contributors.
+- [IT Pro Community](https://www.electric.ai/it-pro-slack) - Connect and network with IT practitioners and decision-makers
+- [SaaS Community](https://join.slack.com/t/saas-hgv7803/shared_invite/zt-qwvrywyr-8DmSpEzBiSWD2WQuB9r9pw) - Community for SaaS product builders, to discuss the challenges involved.
+- [Developer Marketing](https://marketingto.dev/) - Passionate marketing folks working in API Marketing, developer tooling, or actively marketing to developers.
+
+## DevOps
+- [Google Cloud Platform](http://bit.ly/gcp-slack)
+- [Kubernetes](http://slack.kubernetes.io/)
+- [DevOps](https://devopschat.co/)
+- [Devop Engineers](https://www.devopsengineers.com/)
+- [SweetOps](https://slack.cloudposse.com/)
+## Looking for more lists like that
+- [Awesome Community](https://github.com/phpearth/awesome-community)
+
+## Contribute
+Your contributions and suggestions are :heart: welcome. Ensure to read the [guidelines](https://github.com/filipelinhares/awesome-slack/blob/master/CONTRIBUTING.md) first.
+
+## License
+[](https://creativecommons.org/publicdomain/zero/1.0/)
diff --git a/docs/awesome/awesome-vue.md b/docs/awesome/awesome-vue.md
index 1bbf38afbe..4b589c0e66 100644
--- a/docs/awesome/awesome-vue.md
+++ b/docs/awesome/awesome-vue.md
@@ -1251,7 +1251,8 @@ _Set of admin template_
- [vue-vben-admin](https://github.com/vbenjs/vue-vben-admin) - A modern vue admin. It is based on Vue3, vite and TypeScript. It's fast! [Live demo](https://vben.vvbin.cn/)
- [Geeker-Admin](https://github.com/HalseySpicy/Geeker-Admin) - A set of open source backend management framework based on Vue3 + TypeScript + Element Plus. [Live demo](https://admin.spicyboy.cn)
- [gin-vue-admin](https://github.com/flipped-aurora/gin-vue-admin) - 🚀Vite+Vue3+Gin development basic platform. [Live demo](https://demo.gin-vue-admin.com)
-
+- [adminforth](https://adminforth.dev) - Vue + Node + Tailwind admin framework. [Live Demo](https://demo.adminforth.dev)
+
#### Server-side rendering
- [Nuxt.js](https://github.com/nuxt/nuxt.js) - Versatile Vue.js Framework.
diff --git a/docs/awesome/static-analysis.md b/docs/awesome/static-analysis.md
index 5b192d104a..29201d098c 100644
--- a/docs/awesome/static-analysis.md
+++ b/docs/awesome/static-analysis.md
@@ -1608,7 +1608,7 @@ Loading address: binbloom can parse a raw binary firmware and determine its load
Build tools
-- [checkmake](https://github.com/mrtazz/checkmake) — Linter / Analyzer for Makefiles.
+- [checkmake](https://github.com/mrtazz/checkmake) :warning: — Linter / Analyzer for Makefiles.
- [portlint](https://www.freebsd.org/cgi/man.cgi?query=portlint&sektion=1&manpath=FreeBSD+8.1-RELEASE+and+Ports) — A verifier for FreeBSD and DragonFlyBSD port directories.
@@ -1904,7 +1904,7 @@ but with the following improvements:
Makefiles
-- [checkmake](https://github.com/mrtazz/checkmake) — Linter / Analyzer for Makefiles.
+- [checkmake](https://github.com/mrtazz/checkmake) :warning: — Linter / Analyzer for Makefiles.
- [portlint](https://www.freebsd.org/cgi/man.cgi?query=portlint&sektion=1&manpath=FreeBSD+8.1-RELEASE+and+Ports) — A verifier for FreeBSD and DragonFlyBSD port directories.
@@ -1915,7 +1915,7 @@ but with the following improvements:
- [markdownlint](https://github.com/DavidAnson/markdownlint) — Node.js -based style checker and lint tool for Markdown/CommonMark files.
-- [mdformat](https://mdformat.rtfd.io) — CommonMark compliant Markdown formatter
+- [mdformat](https://mdformat.rtfd.io) :warning: — CommonMark compliant Markdown formatter
- [mdl](https://github.com/mivok/markdownlint) — A tool to check Markdown files and flag style issues.