Harmoc's starred repositories
bash-parser
Parses bash into an AST
Dependency-Confusion
All About Dependency Confusion Attack, (Detecting, Finding, Mitigating)
awesome-cloud-security
awesome cloud security 收集一些国内外不错的云安全资源,该项目主要面向国内的安全人员
API-Security-Checklist
Checklist of the most important security countermeasures when designing, testing, and releasing your API
OffensiveRust
Rust Weaponization for Red Team Engagements.
chatgpt-vscode
A VSCode extension that allows you to use ChatGPT
awesome-malware-analysis
Defund the Police.
awesome-reversing
A curated list of awesome reversing resources
CVE-2022-39197
CobaltStrike <= 4.7.1 RCE
superSearchPlus
superSearchPlus是聚合型信息收集插件,支持综合查询,资产测绘查询,信息收集 敏感信息提取 js资源扫描 目录扫描 vue组件扫描 整合了目前常见的资产测绘平台 专为白帽子提供快速侦测目标。
chromepass
Chromepass - Hacking Chrome Saved Passwords
architecture.wechat-tencent
互联网公司架构: 微信技术架构, 腾讯技术架构
rust-course
“连续六年成为全世界最受喜爱的语言,无 GC 也无需手动内存管理、极高的性能和安全性、过程/OO/函数式编程、优秀的包管理、JS 未来基石" — 工作之余的第二语言来试试 Rust 吧。<<Rust语言圣经>>拥有全面且深入的讲解、生动贴切的示例、德芙般丝滑的内容,甚至还有JS程序员关注的 WASM 和 Deno 等专题。这可能是目前最用心的 Rust 中文学习教程 / Book
Attack_Code
文章 Attack Code 的详细全文。安全和开发总是具有伴生属性,尤其是云的安全方向,本篇文章是希望能帮助到读者的云安全入门材料。Full text of the article Attack Code. Security and development always have concomitant attributes, and this is especially true with the security direction of the cloud. This article is an introduction to cloud security that I hope will help readers.
GoBypassAV
整理了基于Go的16种API免杀测试、8种加密测试、反沙盒测试、编译混淆、加壳、资源修改等免杀技术,并搜集汇总了一些资料和工具。
FuckJsonp-RCE-CVE-2022-26809-SQL-XSS-FuckJsonp
警惕 一种针对红队的新型溯源手段!