Liu Peng's repositories
buy-all-games
see how much does it cost to buy all games in the world
adversary_emulation_library
An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.
big-list-of-naughty-strings
The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.
blind-sql-injector
A handy tool for the exploit of blind SQL injection vulnerability
bug-hunt-templates
Repository to house markdown templates for researchers
command-injection-payload-list
🎯 Command Injection Payload List
django-rest-react
This project is still WIP. We will be building a vulnerable application with django RFM with react.js frontend.
DjangoGoat
An intentionally vulnerable django app, to help django developers learn security testing
learnjavabug
Java安全相关的漏洞和技术demo,原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。
lets-be-bad-guys
A deliberately-vulnerable website and exercises for teaching about the OWASP Top 10
OSCE-Complete-Guide
OSWE, OSEP, OSED
pentest-tools
A collection of custom security tools for quick needs.
PentestGPT
A GPT-empowered penetration testing tool
pygoat
intentionally vuln web Application Security in django
sast-integration
This repo is used to play with different SAST tools
secDevLabs
A laboratory for learning secure web and mobile development in a practical manner.
skf-labs
Repo for all the OWASP-SKF Docker lab examples
the-way-to-go_ZH_CN
《The Way to Go》中文译本,中文正式名《Go 入门指南》
vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
yookiterm-challenges-files
Challenge files which are deployed in the container for the user
yookiterm-slides
Exploitation and Mitigation Slides