lcark's Stars
vulhub/java-chains
vulhub Vulnerability Reproduction Designated Platform
Acmesec/theAIMythbook
Ai迷思录(应用与安全指南)
kamranahmedse/developer-roadmap
Interactive roadmaps, guides and other educational content to help developers grow in their careers.
Pizz33/JoJoLoader
助力红队成员一键生成免杀木马,使用rust实现 | Help Redteam members generate Evasive Anti-virus software Trojan
HavocFramework/Havoc
The Havoc Framework
alipay/ant-application-security-testing-benchmark
xAST评价体系,让安全工具不再“黑盒”. The xAST evaluation benchmark makes security tools no longer a "black box".
lokerxx/JavaVul
JAVA 安全靶场,IAST 测试用例,JAVA漏洞复现,代码审计,SAST测试用例,安全扫描(主动和被动),JAVA漏洞靶场,RASP测试用例 ; Java Security Testbed, IAST Test Cases, Java Vulnerability Reproduction, Code Auditing, SAST Test Cases, Security Scanning (Active and Passive), Java Vulnerability Testbed, RASP Test Cases
outlaws-bai/Galaxy
一个想让你测试加密流量像测试明文一样简单高效的 Burp 插件。 A Burp plugin that makes testing encrypted traffic as simple and efficient as testing plaintext.
moyuwa/ApkCheckPack
apk文件加固特征检查工具,汇总收集已知特征和手动收集大家提交的app加固特征,目前总计约170条特征,支持40个厂商的加固检测,欢迎大家提交无法识别的app
winezer0/APIFinderPlus
目标是成为当下最完善的API挖掘工具,实现自动提取响应敏感信息、URI信息,并且对URI进行自动|手动递归检查
phith0n/vueinfo
Extract website information from Vue
yint-tech/sekiro-open
SEKIRO is a multi-language, distributed, network topology-independent service publishing platform. By writing handlers in their respective languages, functionalities can be published to the central API marketplace. Business systems utilize the capabilities of remote nodes through RPC.
The-Art-of-Hacking/h4cker
This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), artificial intelligence security, vulnerability research, exploit development, reverse engineering, and more.
netwrix/pingcastle
PingCastle - Get Active Directory Security at 80% in 20% of the time
lc/gau
Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.
madhuakula/kubernetes-goat
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀
k8gege/Ladon
Ladon大型内网渗透扫描器,PowerShell、Cobalt Strike插件、内存加载、无文件扫描。含端口扫描、服务识别、网络资产探测、密码审计、高危漏洞检测、漏洞利用、密码读取以及一键GetShell,支持批量A段/B段/C段以及跨网段扫描,支持URL、主机、域名列表扫描等。网络资产探测32种协议(ICMP\NBT\DNS\MAC\SMB\WMI\SSH\HTTP\HTTPS\Exchange\mssql\FTP\RDP)或方法快速获取目标网络存活主机IP、计算机名、工作组、共享资源、网卡地址、操作系统版本、网站、子域名、中间件、开放服务、路由器、交换机、数据库、打印机等,大量高危漏洞检测模块MS17010、Zimbra、Exchange
sottlmarek/DevSecOps
Ultimate DevSecOps library
nomi-sec/PoC-in-GitHub
📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.
ImranR98/Obtainium
Get Android app updates straight from the source.
edoardottt/awesome-hacker-search-engines
A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
1N3/Sn1per
Attack Surface Management Platform
knownsec/404StarLink
404StarLink - 推荐优质、有意义、有趣、坚持维护的安全开源项目
future-architect/vuls
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
threat9/routersploit
Exploitation Framework for Embedded Devices
bee-san/RustScan
🤖 The Modern Port Scanner 🤖
rizinorg/cutter
Free and Open Source Reverse Engineering Platform powered by rizin
swisskyrepo/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
deepfakes/faceswap
Deepfakes Software For All
continuedev/continue
⏩ Create, share, and use custom AI code assistants with our open-source IDE extensions and hub of models, rules, prompts, docs, and other building blocks