MrBe1ieVe

API-Security-Checklist

Checklist of the most important security countermeasures when designing, testing, and releasing your API

chatbox

User-friendly Desktop Client App for AI Models/LLMs (GPT, Claude, Gemini, Ollama...)

ysoserial

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

linux-exploit-suggester

Linux privilege escalation auditing tool

DeFiHackLabs

Reproduce DeFi hacked incidents using Foundry.

antSword

中国蚁剑是一款跨平台的开源网站管理工具。AntSword is a cross-platform website management toolkit.

hackerone-reports

Top disclosed reports from HackerOne

attack_range

A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data into Splunk

API-Security

OWASP API Security Project

joern

Open-source code analysis platform for C/C++/Java/Binary/Javascript/Python/Kotlin based on code property graphs. Discord https://discord.gg/vv4MH284Hc

linux-exploit-suggester-2

Next-Generation Linux Kernel Exploit Suggester

awesome-cloud-security

awesome cloud security 收集一些国内外不错的云安全资源，该项目主要面向国内的安全人员

murphysec

An open source tool focused on software supply chain security. 墨菲安全专注于软件供应链安全，具备专业的软件成分分析（SCA）、漏洞检测、专业漏洞库。

noseyparker

Nosey Parker is a command-line program that finds secrets and sensitive information in textual data and Git history.

javasec

自己学习java安全的一些总结，主要是安全审计相关

DetectDee

DetectDee: Hunt down social media accounts by username, email or phone across social networks.

RTA

Goby

awesome-lists

Awesome Security lists for SOC/CERT/CTI

Active_Directory_Advanced_Threat_Hunting

This repo is about Active Directory Advanced Threat Hunting

struts-examples

Mirror of Apache Struts

resocks

mTLS-Encrypted Back-Connect SOCKS5 Proxy

SAST

《深入理解SAST静态应用安全测试》Static Application Security Testing.

ant-application-security-testing-benchmark

xAST评价体系，让安全工具不再“黑盒”. The xAST evaluation benchmark makes security tools no longer a "black box".

SecGPT

A Test Project for a Network Security-oriented LLM Tool Emulating AutoGPT

RCEFuzzer

一个以fuzz为中心**的被动扫描工具

Cyber_Security_Malware_APT_Simulation

All the principles of the AI modular structure that generates malicious code fragments sold on the dark web

SuperWordlist

基于实战沉淀下的各种弱口令字典

libwebp-checker

A tool for finding vulnerable libwebp(CVE-2023-4863)

spectra-js

JavaScript implementation of the Spectra DSL.