chanseng's repositories
Pentest_Interview
个人准备渗透测试和安全面试的经验之谈,和去部分厂商的面试题,干货真的满满~
APT_REPORT
Interesting apt report collection and some special ioc express
AttackWebFrameworkTools-5.0
本软件首先集成危害性较大框架和部分主流cms的rce(无需登录,或者登录绕过执行rce)和反序列化(利用链简单)。傻瓜式导入url即可实现批量getshell。批量自动化测试。例如:Thinkphp,Struts2,weblogic。出现的最新漏洞进行实时跟踪并且更新例如:log4jRCE,向日葵RCE 等等.
ATTCK-PenTester-Book
ATTCK-PenTester-Book
CICFlowMeter
CICFlowmeter-V4.0 (formerly known as ISCXFlowMeter) is a network traffic Bi-flow generator and analyzer for anomaly detection that has been used in many Cybersecurity datsets such as Android Adware-General Malware dataset (CICAAGM2017), IPS/IDS dataset (CICIDS2017), Android Malware dataset (CICAndMal2017) and Distributed Denial of Service (CICDDoS2019).
CobaltStrike
CobaltStrike's source code
CTF-All-In-One
CTF竞赛入门指南
GDA-android-reversing-Tool
GDA is a new fast and powerful decompiler in C++(working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy leaking detection, vulnerability detection, path solving, packer identification, variable tracking, deobfuscation, python&java scripts, device memory extraction, data decryption, and encryption, etc.
HaboMalHunter
HaboMalHunter is a sub-project of Habo Malware Analysis System (https://habo.qq.com), which can be used for automated malware analysis and security assessment on the Linux system.
HW
护网漏洞汇总
IoT-IDS
Intrusion Detection System for IoT Devices
IoTmalScan
A system can analyze ELF files, and return result including it is malicious or not and its belonging malware family
jsonp-
警惕 一种针对红队的新型溯源手段!
LiSa
Sandbox for automated Linux malware analysis.
malware_classification
classification of IoT malware using CNN
MiraiSecurity
Mirai
Mitigating-Web-Shells
Guidance for mitigation web shells. #nsacyber
OSCP-Human-Guide
My own OSCP guide
Red-Team-links
2019年红队资源链接,资源不是本人整理出来,来自互联网,因为流传的少,特意在此做个备份,做个分享。
RedTeamNotes
红队笔记
safeline
长亭科技自研,基于业界领先的语义引擎检测技术,打造的简洁、易用的免费 WAF
sec-chart
安全思维导图集合
sec-interview
信息安全面试题汇总
Sec-Tools-List
渗透测试中的一些开源工具按照Att&ck 流程进行归类
SSTap-Rule
支持更多游戏规则,让SSTap成为真正的“网游加速器”
youtube-dl
Command-line program to download videos from YouTube.com and other video sites