sunsunk's Stars
sunsunk/Gupacker
sunsunk/KubeSec
We open source KubeSec in this repository to fully identify the risk of over-authorization in TPA and TPCs containing vulnerabilities in the Kubernetes ecosystem.
monkbai/DNN-decompiler
BTD - Bin To DNN: A DNN Executables Decompiler
FairwindsOps/polaris
Validation of best practices in your Kubernetes clusters
sunsunk/RESTLess
We open source the prototype of RESTLess. RESTLess is a generic framework for improving the efficiency of REST API Fuzzing.
puppet-meteor/MINER
MINER provided by the paper "MINER: A Hybrid Data-Driven Approach for REST API Fuzzing"
binary-husky/gpt_academic
为GPT/GLM等LLM大语言模型提供实用化交互接口,特别优化论文阅读/润色/写作体验,模块化设计,支持自定义快捷按钮&函数插件,支持Python和C++等项目剖析&自译解功能,PDF/LaTex论文翻译&总结功能,支持并行问询多种LLM模型,支持chatglm3等本地模型。接入通义千问, deepseekcoder, 讯飞星火, 文心一言, llama2, rwkv, claude2, moss等。
seclab-fudan/APIGraph
Building relation graph of Android APIs to catch the semantics between APIs, and used to enhancing Android malware detectors
TomAPU/Win2K3
网上泄露的 Windows 2003 source code
TomAPU/Summit_PPT
各种安全大会PPT PDF
TomAPU/password_brute_dictionary
口令爆破字典,有键盘组合字典、拼音字典、字母与数字混合这三种类型
TomAPU/poc_and_exp
搜集的或者自己写的poc或者exp
TomAPU/iBooks
计算机图书,java,mysql,架构类,web
codingsoo/REST_Go
WebFuzzing/EvoMaster
The first open-source AI-driven tool for automatically generating system-level test cases (also known as fuzzing) for web/enterprise applications. Currently targeting whitebox and blackbox testing of Web APIs, like REST, GraphQL and RPC (e.g., gRPC and Thrift).
prosyslab/tracer
Signature-based Static Analysis for Detecting Recurring Vulnerabilities
Esonhugh/Attack_Code
文章 Attack Code 的详细全文。安全和开发总是具有伴生属性,尤其是云的安全方向,本篇文章是希望能帮助到读者的云安全入门材料。Full text of the article Attack Code. Security and development always have concomitant attributes, and this is especially true with the security direction of the cloud. This article is an introduction to cloud security that I hope will help readers.
LiaoWenzhe/dataRisk-detection-resources
机器学习+大数据+数据安全:数据安全ai智能风险监测,风控,反欺诈,,api安全,web安全资料收集,致力于打造智能数据安全领域领先的学习资料库,收集不易,欢迎star。 Machine learning + big data + data security: data security AI intelligent risk monitoring, web / api security, risk control data collection, is committed to building a leading learning database in the field of intelligent data security.
xiaoy-sec/Pentest_Note
渗透测试常规操作记录
microsoft/restler-fuzzer
RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services.
teamssix/awesome-cloud-security
awesome cloud security 收集一些国内外不错的云安全资源,该项目主要面向国内的安全人员
Metarget/metarget
Metarget is a framework providing automatic constructions of vulnerable infrastructures.
HXSecurity/TerraformGoat
TerraformGoat is HXSecurity research lab's "Vulnerable by Design" multi cloud deployment tool.
Dongdongshe/K-Scheduler
A universal seed scheduler for fuzzers (LibFuzzer and AFL havoc mode) and concolic execution engine (qsym).
google/AFL
american fuzzy lop - a security-oriented fuzzer
occia/apicraft
Prototype of the paper "APICraft: Fuzz Driver Generation for Closed-source SDK Libraries".
hustdebug/scavenger
QEMU escape code
hustdebug/v-shuttle
ZJU-SEC/AbstractResourceAttack
This repository is used to analysis the shared resources of different containers
Metarget/cloud-native-security-book
《云原生安全:攻防实践与体系构建》资料仓库