Harmoc

followers

following

stars

天枢

Harmoc's starred repositories

DarkAngel

DarkAngel 是一款全自动白帽漏洞扫描器，从hackerone、bugcrowd资产监听到漏洞报告生成、漏洞URL截屏、消息通知。

Language:RubyMIT57300

cve

Gather and update all available and newest CVEs with their PoC.

Language:HTMLMIT631600

bash-parser

Parses bash into an AST

Language:JavaScriptMIT19400

Dependency-Confusion

All About Dependency Confusion Attack, (Detecting, Finding, Mitigating)

Language:Shell26600

murphysec

An open source tool focused on software supply chain security. 墨菲安全专注于软件供应链安全，具备专业的软件成分分析（SCA）、漏洞检测、专业漏洞库。

Language:GoApache-2.0161500

awesome-cloud-security

awesome cloud security 收集一些国内外不错的云安全资源，该项目主要面向国内的安全人员

Apache-2.0166900

API-Security-Checklist

Checklist of the most important security countermeasures when designing, testing, and releasing your API

MIT2224300

OffensiveRust

Rust Weaponization for Red Team Engagements.

Language:Rust255100

chatgpt-vscode

A VSCode extension that allows you to use ChatGPT

Language:TypeScript495600

ChatGPT

Reverse engineered ChatGPT API

Language:PythonGPL-2.02799200

http-request-smuggler

Language:JavaNOASSERTION94900

awesome-malware-analysis

Defund the Police.

NOASSERTION1140200

ENScan_GO

一款基于各大企业信息API的工具，解决在遇到的各种针对国内企业信息收集难题。一键收集控股公司ICP备案、APP、小程序、微信公众号等信息聚合导出。

Language:GoApache-2.0282200

awesome-reversing

A curated list of awesome reversing resources

BREAK

业务风险枚举与规避知识框架（Business Risk Enumeration & Avoidance Kownledge）

Language:VueApache-2.026600

frp

A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.

Language:GoApache-2.08259100

Forest

基于frp(0.44.0)二次开发，删除不必要功能，加密配置文件，修改流量以及文件特征

Language:Go30700

w5

Security Orchestration, Automation and Response (SOAR) Platform. 安全编排与自动化响应平台，无需编写代码的安全自动化，使用 SOAR 可以让团队工作更加高效

Language:PythonGPL-3.0147400

CVE-2022-39197

CobaltStrike <= 4.7.1 RCE

Language:Python37300

superSearchPlus

superSearchPlus是聚合型信息收集插件，支持综合查询，资产测绘查询，信息收集敏感信息提取 js资源扫描目录扫描 vue组件扫描整合了目前常见的资产测绘平台专为白帽子提供快速侦测目标。

Language:HTML125000

chromepass

Chromepass - Hacking Chrome Saved Passwords

Language:RustAGPL-3.076200

architecture.wechat-tencent

互联网公司架构: 微信技术架构，腾讯技术架构

rust-course

“连续六年成为全世界最受喜爱的语言，无 GC 也无需手动内存管理、极高的性能和安全性、过程/OO/函数式编程、优秀的包管理、JS 未来基石" — 工作之余的第二语言来试试 Rust 吧。<<Rust语言圣经>>拥有全面且深入的讲解、生动贴切的示例、德芙般丝滑的内容，甚至还有JS程序员关注的 WASM 和 Deno 等专题。这可能是目前最用心的 Rust 中文学习教程 / Book

Language:Rust2426000

APIKit

Type-safe networking abstraction layer that associates request type with response type.

Language:SwiftMIT199000

notes

Security & Development

Attack_Code

文章 Attack Code 的详细全文。安全和开发总是具有伴生属性，尤其是云的安全方向，本篇文章是希望能帮助到读者的云安全入门材料。Full text of the article Attack Code. Security and development always have concomitant attributes, and this is especially true with the security direction of the cloud. This article is an introduction to cloud security that I hope will help readers.

Language:Shell52500

GoBypassAV

整理了基于Go的16种API免杀测试、8种加密测试、反沙盒测试、编译混淆、加壳、资源修改等免杀技术，并搜集汇总了一些资料和工具。

Language:Go104700

FuckJsonp-RCE-CVE-2022-26809-SQL-XSS-FuckJsonp

警惕一种针对红队的新型溯源手段!

fscan

一款内网综合扫描工具，方便一键自动化、全方位漏扫扫描。

Language:GoMIT916100

Hyuga

Hyuga 是一个用来监控带外(Out-of-Band)流量的工具。🪤

Language:GoGPL-3.051500