且行且珍惜's repositories
mytemplates
This is the place where I write Nuclei-Templates
404StarLink2.0-Galaxy
404StarLink Project 2.0 - 推荐真正优质、有意义、有趣、坚持维护的开源项目
AI-Sec-Paper-Sharing
该资源为作者AI安全相关论文的分享知识,包括PPT和PDF版本及原文,希望对您有所帮助。加油~
AI_Security_Library
Ai与Web安全相关资料的总结库,包括认为写的比较好的一些博客、项目、数据等
Automatic-permission-maintenance
CobaltStrike 上线自动权限维持插件
Benchmark
OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web app written in Java, it supports analysis by Static (SAST), Dynamic (DAST), and Runtime (IAST) tools that support Java. The idea is that since it is fully runnable and all the vulnerabilities are actually exploitable, it’s a fair test for any kind of vulnerability detection tool. For more details on this project, please see the OWASP Benchmark Project home page.
CheatSheetSeries
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
fastjsonScan
fastjson漏洞burp插件,检测fastjson<=1.2.47基于dnslog和fastjson<=1.2.47的不出网检测,加入1.2.27-1.2.68 dnslog检测方案。
fawkes
Fawkes, privacy preserving tool against facial recognition systems. More info at https://sandlab.cs.uchicago.edu/fawkes
feapder
feapder是一款支持分布式、批次采集、任务防丢、报警丰富的python爬虫框架
GDA-android-reversing-Tool
GDA is a new fast and powerful decompiler in C++(working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy leaking detection, vulnerability detection, path solving, packer identification, variable tracking, deobfuscation, python&java scripts, device memory extraction, data decryption, and encryption, etc.
gin-vue-admin
基于gin+vue搭建的后台管理系统框架,集成jwt鉴权,权限管理,动态路由,分页封装,多点登录拦截,资源权限,上传下载,代码生成器,表单生成器,通用工作流等基础功能,五分钟一套CURD前后端代码,目前已支持VUE3,欢迎issue和pr~
HikvisionInformation
Hikvision 流媒体管理服务器敏感信息泄漏
hypervisor_research_notes
Some hypervisor research notes. There is also a useful exploit template that you can use to verify / falsify any assumptions you may make while auditing code, and for exploit development.
lanhai_rce
蓝海卓越计费管理系统rce批量扫描。
LibAFL
Advanced Fuzzing Library - Slot your Fuzzer together in Rust! Scales across cores and machines. For Windows, Android, MacOS, Linux, no_std, ...
NamedPipePTH
Pass the Hash to a named pipe for token Impersonation
NetShell-read
蓝海卓越计费管理系统任意文件读取
passcrambler
https://hasherezade.github.io/passcrambler/
PresentMon
Tool for collection and processing of ETW events related to frame presentation on Windows.
SecurityRSS
关于网络安全订阅源的推荐 - 充实你的订阅源,提高信息质量。
ShameCom
收集校招污点公司或组织,帮助学弟学妹避雷。互联网不曾遗忘!
shiro-550-with-NoCC
奇安信北京攻防团队: Shiro-550 不依赖CC链利用工具
Slides
A collection of slides from Singular Security Lab.
tabby
A CAT called tabby ( Code Analysis Tool )
thefuck
Magnificent app which corrects your previous console command.
Threathunting-book
ATT&CK理解+sigma规则研究
vulnerablecode
A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode
winnie
Winnie is an end-to-end system that makes fuzzing Windows applications easy