appsec.fyi

Embed Widgets

Drop a one-iframe widget on your security blog or knowledge base showing the 5 latest curated resources for any topic.

How to use

Pick the topic you want, paste this snippet into your page, change the src URL to match the topic. The widget is theme-aware via prefers-color-scheme — it adapts to your visitors’ OS theme automatically.

<iframe
  src="https://appsec.fyi/embed/xss.html"
  width="100%" height="320" frameborder="0"
  style="border:1px solid #ccc;border-radius:8px;max-width:480px;"
  title="Latest XSS resources from appsec.fyi"
  loading="lazy">
</iframe>

Live preview — XSS:

Live preview — SSRF:

Available topics

AI/embed/ai.html API Sec/embed/apisec.html AuthN/embed/authn.html AuthZ/embed/authz.html Bug Bounty/embed/bugbounty.html Burp/embed/burp.html CSRF/embed/csrf.html Deser/embed/deser.html Fuzzing/embed/fuzzing.html GraphQL/embed/graphql.html IDOR/embed/idor.html JWT/embed/jwt.html Mobile/embed/mobile.html OSINT/embed/osint.html Python/embed/python.html RCE/embed/rce.html Recon/embed/recon.html Secrets/embed/secrets.html SQLi/embed/sqli.html SSRF/embed/ssrf.html SSTI/embed/ssti.html Supply Chain/embed/supplychain.html Talks/embed/talks.html XSS/embed/xss.html XXE/embed/xxe.html

Notes

Each widget shows the 5 most recently added resources for that topic. The list refreshes every cron build (twice daily, midnight + noon ET). Resource links open in a new tab; the topic title and the “More →” footer break out of the iframe to take readers to the full topic page on appsec.fyi.

No JavaScript, no tracking, no cookies. Width is responsive; pick a height that fits your sidebar (about 320–400px works well for 5 items).

If you embed one of these on your blog, drop me a note — I’d like to know where they end up.