Harmoc's starred repositories
awesome-api-security
A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.
securitylab
Resources related to GitHub Security Lab
MemoryShellLearn
分享几个直接可用的内存马,记录一下学习过程中看过的文章
RedTeam-BCS
BCS(北京网络安全大会)2019 红队行动会议重点内容
sonar-java
:coffee: SonarSource Static Analyzer for Java Code Quality and Security
java-sec-code
Java web common vulnerabilities and security code which is base on springboot and spring security
phpcs-security-audit
phpcs-security-audit is a set of PHP_CodeSniffer rules that finds vulnerabilities and weaknesses related to security in PHP code
CTFDefense
Some tools for CTF off line
XCTF2021Final-Dubbo
Writeup and environment for XCTF2021Final-Dubbo
OffensivePH
OffensivePH - use old Process Hacker driver to bypass several user-mode access controls
SpoolSample
PoC tool to coerce Windows hosts authenticate to other machines via the MS-RPRN RPC interface. This is possible via other protocols as well.
ldapdomaindump
Active Directory information dumper via LDAP
suricata-rules
Suricata IDS rules 用来检测红队渗透/恶意行为等,支持检测CobaltStrike/MSF/Empire/DNS隧道/Weevely/菜刀/冰蝎/挖矿/反弹shell/ICMP隧道等
dns-black-cat
Multi platform toolkit for an interactive DNS shell commands exfiltration, by using DNS-Cat you will be able to execute system commands in shell mode over DNS protocol
2021hvv_vul
2021hvv漏洞汇总
Learn-Web-Hacking
Study Notes For Web Hacking / Web安全学习笔记
Learn-Binary-Hacking
Binary Hacking Study Notes
javascript-obfuscator
A powerful obfuscator for JavaScript and Node.js
RoguePotato
Another Windows Local Privilege Escalation from Service Account to System
SharpDecryptPwd
对密码已保存在 Windwos 系统上的部分程序进行解析,包括:Navicat,TeamViewer,FileZilla,WinSCP,Xmangager系列产品(Xshell,Xftp)。源码:https://github.com/RowTeam/SharpDecryptPwd
MoAn_Honey_Pot_Urls
X安蜜罐用的一些存在JSonp劫持的API
KingOfBugBountyTips
Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wish to influence Onelinetips and explain the commands, for the better understanding of new hunters..