MLGBSec's Stars
projectdiscovery/nuclei
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.
HackTricks-wiki/hacktricks
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
WebStackPage/WebStackPage.github.io
❤️静态响应式网址导航网站 - webstack.cc
guchangan1/All-Defense-Tool
本项目集成了全网优秀的攻防武器工具项目,包含自动化利用,子域名、目录扫描、端口扫描等信息收集工具,各大中间件、cms、OA漏洞利用工具,爆破工具、内网横向、免杀、社工钓鱼以及应急响应、甲方安全资料等其他安全攻防资料。
secfigo/Awesome-Fuzzing
A curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on ) for learning Fuzzing and initial phases of Exploit Development like root cause analysis.
zan8in/afrog
A Security Tool for Bug Bounty, Pentest and Red Teaming.
Neo23x0/signature-base
YARA signature and IOC database for my scanners and tools
LoRexxar/Kunlun-M
KunLun-M是一个完全开源的静态白盒扫描工具,支持PHP、JavaScript的语义扫描,基础安全、组件安全扫描,Chrome Ext\Solidity的基础扫描。
Bypass007/Safety-Project-Collection
收集一些比较优秀的开源安全项目,以帮助甲方安全从业人员构建企业安全能力。
chainreactors/gogo
面向红队的, 高度可控可拓展的自动化引擎
NotSoSecure/password_cracking_rules
One rule to crack all passwords. or atleast we hope so.
0xJs/RedTeaming_CheatSheet
Pentesting cheatsheet with all the commands I learned during my learning journey. Will try to to keep it up-to-date.
tongcheng-security-team/NextScan
飞刃是一套完整的企业级黑盒漏洞扫描系统,集成漏洞扫描、漏洞管理、扫描资产、爬虫等服务。 拥有强大的漏洞检测引擎和丰富的插件库,覆盖多种漏洞类型和应用程序框架。
ffffffff0x/AboutSecurity
Everything for pentest. | 用于渗透测试的 payload 和 bypass 字典.
ax1sX/SecurityList
A list for Web Security and Code Audit
redcanaryco/mac-monitor
Red Canary Mac Monitor is an advanced, stand-alone system monitoring tool tailor-made for macOS security research. Beginning with Endpoint Security (ES), it collects and enriches system events, displaying them graphically, with an expansive feature set designed to reduce noise.
Ivan1ee/NET-Deserialize
总结了20+.Net反序列化文章,持续更新
0x783kb/Security-Operation-Book
常见的攻击行为监测特征及方法,涵盖端点和流量,未包含PowerShell和Sysmon。预祝运营生活愉快!
nop-tech/OSED
Containing my notes, practice binaries + solutions, blog posts, etc. for the Offensive Security Exploit Developer (OSED/EXP-301)
moyuwa/ApkCheckPack
apk文件加固特征检查工具,汇总收集已知特征和手动收集大家提交的app加固特征,目前总计约170条特征,支持40个厂商的加固检测,欢迎大家提交无法识别的app
ScorpionesLabs/MSSqlPwner
xaitax/PatchaPalooza
A comprehensive tool that provides an insightful analysis of Microsoft's monthly security updates.
MFMokbel/Crawlector
Crawlector is a threat hunting framework designed for scanning websites for malicious objects.
AV1080p/PoCorExp
PoC or Exp Of Vulnerability
PwnAwan/EXP-401-OSEE
A bunch of resources to prepare for the OSEE certification, Offensive Security's hardest course.
yemoli/YML-AWD-FRAME-FOR-BUGKU
[Bugku-AWD专版]一款用于AWD比赛中的自动化攻击框架
wpsec/wpdict
自用字典
mrtouch93/OSED-Notes
Some notes + exercises that I've done during my study for the Offensive Security Exploit Developer.
dn4hc/CREST-Exam-Prep
Cheatsheets and write ups for the CREST CRT and CCT Exams.
mingzizhendebuhaoqu/Awesome-Fuzzing
A curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on ) for learning Fuzzing and initial phases of Exploit Development like root cause analysis.