Harmoc

SimuLand

Understand adversary tradecraft and improve detection strategies

DomainBorrowingC2

ffuf

Fast web fuzzer written in Go

RedWarden

Cobalt Strike C2 Reverse proxy that fends off Blue Teams, AVs, EDRs, scanners through packet inspection and malleable profile correlation

scf-proxy

云函数代理服务

awesome-google-vrp-writeups

🐛 A list of writeups from the Google VRP Bug Bounty program

JavaLearnVulnerability

Java漏洞学习笔记 Deserialization Vulnerability

CVE-2021-31166

Proof of concept for CVE-2021-31166, a remote HTTP.sys use-after-free triggered remotely.

Mobile-Security-Framework-MobSF

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

fragattacks

HopLa

HopLa Burp Suite Extender plugin - Adds autocompletion support and useful payloads in Burp Suite

linux_information

自动化收集linux信息

MDUT

MDUT - Multiple Database Utilization Tools

blind-ssrf-chains

An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability

DomainBorrowing

Domain Borrowing PoC

the-backdoor-factory

Patch PE, ELF, Mach-O binaries with shellcode new version in development, available only to sponsors

404StarLink

404StarLink - 推荐优质、有意义、有趣、坚持维护的安全开源项目

As-Exploits

**蚁剑后渗透框架

RedTeaming2020

RedTeaming知识星球2020年安全知识汇总

mimipenguin

A tool to dump the login password from the current linux user

graph4code

超硬核！使用图数据技术发现软件漏洞

xmap

XMap is a fast network scanner designed for performing Internet-wide IPv6 & IPv4 network research scanning.

BeaconHunter

Detect and respond to Cobalt Strike beacons using ETW.

clearlogs

Clear All Windows System Logs - AntiForensics

tabby

A CAT called tabby ( Code Analysis Tool )

Invoke-SharpLoader

can-utils

Linux-CAN / SocketCAN user space applications

how-to-build-hcfy

《从零开始开发一个划词翻译扩展程序》系列文章

InScan

边界打点后的自动化渗透工具

ZhouYu

（周瑜）Java - SpringBoot 持久化 WebShell 学习demo（不仅仅是SpringBoot，适合任何符合JavaEE规范的服务）