Pinned Repositories
1000php
1000个PHP代码审计案例(2016.7以前乌云公开漏洞)
2021hvv_vul
2021hvv漏洞汇总
angr
A powerful and user-friendly binary analysis platform!
ApplicationInspector
A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.
archerysec
Centralize Vulnerability Assessment and Management for DevSecOps Team
attack-datasources
This content is analysis and research of the data sources currently listed in ATT&CK.
attack-navigator
Web app that provides basic navigation and annotation of ATT&CK matrices
attack-website
MITRE ATT&CK Website
AttackSurfaceAnalyzer
Attack Surface Analyzer can help you analyze your operating system's security configuration for changes during software installation.
wg-security-tooling
OpenSSF Security Tooling Working Group
henryzz0's Repositories
henryzz0/syft
CLI tool and library for generating a Software Bill of Materials from container images and filesystems
henryzz0/tern
Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dockerfiles. The SBoM that Tern generates will give you a layer-by-layer view of what's inside your container in a variety of formats including human-readable, JSON, HTML, SPDX and more.
henryzz0/magma
Platform for building access networks and modular network services
henryzz0/free5gc
Open source 5G core network base on 3GPP R15
henryzz0/awesome-directed-fuzzing
A curated list of awesome directed fuzzing research papers
henryzz0/FACT_core
Firmware Analysis and Comparison Tool
henryzz0/open5gs
Open5GS is a C-language Open Source implementation for 5G Core and EPC, i.e. the core network of LTE/NR network (Release-16)
henryzz0/spdx-sbom-generator
Support CI generation of SBOMs via golang tooling.
henryzz0/papers
Academic papers and articles that I read related to web hacking, fuzzing, etc. / 阅读过的Web安全方向、模糊测试方向的一些论文与阅读笔记
henryzz0/awesome-iot
Awesome IoT. A collaborative list of great resources about IoT Framework, Library, OS, Platform
henryzz0/awesome-sbom
A curated list of SBOM (Software Bill Of Materials) related tools, frameworks, blogs, podcasts, and articles
henryzz0/awesome-5g
Awesome lists about 5G projects.
henryzz0/SBOM
Examples and proof-of-concept for Software Bill of Materials (SBOM) code & data
henryzz0/Awesome-Binary-Similarity
An awesome & curated list of binary code similarity papers
henryzz0/Awesome-Fuzzing
A curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on ) for learning Fuzzing and initial phases of Exploit Development like root cause analysis.
henryzz0/routersploit
Exploitation Framework for Embedded Devices
henryzz0/software_supply_chain_papers
This repository contains a list of papers about software supply chain
henryzz0/ghidra
Ghidra is a software reverse engineering (SRE) framework
henryzz0/OVALRepo
henryzz0/awesome-sca
A curated list of Software Component Analysis (SCA) books, courses - free and paid, videos, tools, and tutorials.
henryzz0/processhacker
A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware.
henryzz0/Awesome-AFL
A curated list of different AFL forks and AFL inspired fuzzers with detailed equivalent academic papers and AFL-fuzzing tutorials
henryzz0/awesome-public-datasets
A topic-centric list of HQ open datasets.
henryzz0/software-supply-chain-compromises
A dataset of software supply chain compromises. Please help us maintain it!
henryzz0/awesome-sca-1
A comprehensive list of software composition analysis tools.
henryzz0/exp-hub
漏洞仓库(环境搭建、漏洞复现、批量脚本、漏洞扫描)
henryzz0/AttackWebFrameworkTools
本软件首先集成危害性较大前台rce(无需登录,或者登录绕过执行rce)。反序列化(利用链简单)。上传getshell。sql注入等高危漏洞直接就可以拿权限出数据。其次对一些构造复杂exp漏洞进行检测。傻瓜式导入url即可实现批量测试,能一键getshell检测绝不sql注入或者不是只检测。其中thinkphp 集成所有rce Exp Struts2漏洞集成了shack2 和k8 漏洞利用工具所有Exp并对他们的exp进行优化和修复此工具的所集成漏洞全部是基于平时实战中所得到的经验从而写入到工具里。例如:通达oA一键getshell实战测试 struts2一键getshell 等等
henryzz0/woodpecker-framwork-release
高危漏洞精准检测与深度利用框架
henryzz0/Vulnerability
此项目将不定期从棱角社区对外进行公布一些最新漏洞。
henryzz0/SONiC
Landing page for Software for Open Networking in the Cloud (SONiC) - http://azure.github.io/SONiC/