Pinned Repositories
Agora-Flutter-SDK
Flutter wrapper around the Agora RTC SDKs for Android and iOS
Application-Security-Engineer-Interview-Questions
Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer
Astra
Automated Security Testing For REST API's 接口安全自动化测试
awvs-decode
The best and easiest way to decode and repack AWVS scripts. AWVS 最好、最简单、最新的解码/再打包方法,仅15行代码!
Basic-Video-Call
Sample app to join/leave a channel, mute/unmute, enable/disable the video, and switch between front/rear cameras.
Benchmarks
常用服务器、数据库、中间件安全配置基线 - 基本包括了所有的操作系统、数据库、中间件、网络设备、浏览器,安卓、IOS、云的安全配置 For benchmarks.cisecurity.org
bingtangcheng
cis-docker-benchmark
CIS Docker Benchmark - InSpec Profile
copyfighter
Statically analyzes Go code and reports functions that are passing large structs by value
cppcheck
static analysis of C/C++ code
lalaladema's Repositories
lalaladema/Agora-Flutter-SDK
Flutter wrapper around the Agora RTC SDKs for Android and iOS
lalaladema/Application-Security-Engineer-Interview-Questions
Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer
lalaladema/Astra
Automated Security Testing For REST API's 接口安全自动化测试
lalaladema/awvs-decode
The best and easiest way to decode and repack AWVS scripts. AWVS 最好、最简单、最新的解码/再打包方法,仅15行代码!
lalaladema/Basic-Video-Call
Sample app to join/leave a channel, mute/unmute, enable/disable the video, and switch between front/rear cameras.
lalaladema/Benchmarks
常用服务器、数据库、中间件安全配置基线 - 基本包括了所有的操作系统、数据库、中间件、网络设备、浏览器,安卓、IOS、云的安全配置 For benchmarks.cisecurity.org
lalaladema/bingtangcheng
lalaladema/cis-docker-benchmark
CIS Docker Benchmark - InSpec Profile
lalaladema/copyfighter
Statically analyzes Go code and reports functions that are passing large structs by value
lalaladema/cppcheck
static analysis of C/C++ code
lalaladema/ddos
ddos attact
lalaladema/engineering-Box
engineering Box (简称 - engineering) 是一个集合github平台上的安全行业从业者自研开源扫描器的仓库,包括子域名枚举、数据库漏洞扫描、弱口令或信息泄漏扫描、端口扫描、指纹识别以及其他大型扫描器或模块化扫描器,同时该仓库只收录各位安全行业从业者自己编写的一般性开源扫描器,类似awvs、nmap、w3af等知名扫描工具不收录,收集全球各位同仁爱好者维护项目
lalaladema/Fortify
源代码漏洞の审计
lalaladema/fortify-1
Fortify enables web applications to use smart cards, local certificate stores and do certificate enrollment. This is the desktop application repository.
lalaladema/fortify-license-crack
fortify-license-crack
lalaladema/fortify-on-demand-uploader-plugin
Fortify on Demand Uploader
lalaladema/hacker101
Hacker101
lalaladema/K8tools
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
lalaladema/MCW-Security-baseline-on-Azure
MCW Security baseline on Azure
lalaladema/PasswordDic
2011-2019年Top100弱口令密码字典 Top1000密码字典 服务器SSH/VPS密码字典 后台管理密码字典 数据库密码字典
lalaladema/Resources-for-Application-Security
Some good resources for getting started with application security
lalaladema/Safety-Project-Collection
收集一些比较优秀的开源安全项目,以帮助甲方安全从业人员构建企业安全能力。
lalaladema/scaner
扫描器是来自GitHub平台的开源扫描器的集合,包括子域枚举、数据库漏洞扫描器、弱密码或信息泄漏扫描器、端口扫描器、指纹扫描器以及其他大规模扫描仪、模块扫描器等。对于其他著名的扫描工具,如:awvs、nmap,w3af将不包含在集合范围内。
lalaladema/Scanners-Box
A powerful hacker toolkit collected more than 10 categories of open source scanners from Github - 安全行业从业者自研开源扫描器合辑
lalaladema/Security-Baseline
Linux/Windows 安全加固脚本
lalaladema/SecurityBaselineCheck
lalaladema/sourceCodeCheck
源码泄露扫描
lalaladema/terraform-aws-secure-baseline
Terraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations.
lalaladema/TrackRay
溯光 (TrackRay) 3 beta⚡渗透测试框架(资产扫描|指纹识别|暴力破解|网页爬虫|端口扫描|漏洞扫描|代码审计|AWVS|NMAP|Metasploit|SQLMap)
lalaladema/twint
An advanced Twitter scraping & OSINT tool written in Python that doesn't use Twitter's API, allowing you to scrape a user's followers, following, Tweets and more while evading most API limitations.