This is your work, valued
Staff Security Engineer at @linkedin, formerly @dropbox, @twitter, and @mozilla.
laboratory. Because good website security shouldn't only be available to mad scientists!
183certainly-something. WebExtension that shows certificate chains in an aesthetically pleasing manner.
94cryptonom-icon. Freely available cryptographic iconography
67decklist. The code behind decklist.org, which generates DCI Registration Sheets.
49picoca. PicoCA is a simple CA intended for use for educational and self-hosting purposes.
27badsite.io. badsite.io is intended for manual testing of web security in clients and test tolos
18crypto-presentation. Crypto presentation to be used at Mozilla and elsewhere
15httpbin. HTTP Request & Response Service, written in Python + Flask.
15codelesscode-recipe. Calibre recipe for thecodelesscode.com
7textual-theme-Equinox. A series of updates to the nox theme from Textual 5
6security-report-card. WebExtension that the Mozilla Observatory to scan sites and determine how secure they are.
5alexcam. A little HTML5-based webcam system, with delays and other nifty effects.
4mtg-counters. Python
4.dotfiles. Shell
3badssl.com. Memorable test site with bad SSL configs.
3pyinfo. Python version of phpinfo(). If there's any evil I'll be remembered for, it's this.
3websec-presentation. Presentation on the History of Web Security at Paris-Web 2018 (and maybe others)
3http-observatory. HTTP Observatory
2tls-observatory. An observatory for TLS configurations, X509 certificates, and more.
2mtgspoilerbot. The code behind @MTGSpoilerBot
2curl. A command line tool and library for transferring data with URL syntax, supporting DICT, FILE, FTP, FTPS, GOPHER, GOPHERS, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, MQTT, POP3, POP3S, RTMP, RTMPS, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET and TFTP. libcurl offers a myriad of powerful features
1certbot. Certbot is EFF's tool to obtain certs from Let's Encrypt and (optionally) auto-enable HTTPS on your server. It can also act as a client for any other CA that uses the ACME protocol.
1revorb. Remake of the ancient revorb for ww2ogg
1what-happens-when. An attempt to answer the age old interview question "What happens when you type google.com into your browser and press enter?"
1permission.site. A site to test the interaction of web APIs and browser permissions.
1pubconf-presentation. Presentation for pubconf.io in Minneapolis
1ssh_scan_api. A web API for ssh_scan (https://github.com/mozilla/ssh_scan)
1eslint. A fully pluggable tool for identifying and reporting on patterns in JavaScript.
1wikimo_opsec. OpSec's wiki.mozilla.org documentation
1servo.org. Main website for Servo.
1sso-dashboard-configuration. Mozilla list of RPs and Groups for SSO-Dashboard
1auth0-deploy. Rules and hosted pages (lock) used for the Auth0 instances of Mozilla.
1airmozilla. AirMozilla is the video broadcasting site for the Mozilla project
1letsencrypt-overview. A presentation about Let's Encrypt
1ssh_scan. A prototype SSH configuration and policy scanner (Blog: https://mozilla.github.io/ssh_scan/)
1surveillance.mozilla.org. Source code for https://surveillance.mozilla.org
1ssllabs-scan. A command-line reference-implementation client for SSL Labs APIs, designed for automated and/or bulk testing.
1