Pinned Repositories
0day
各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC ,该项目将持续更新
0xUBypass
AntiAV shellcode loader
1earn
ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
2023Hvv
2023 HVV情报速递~
A-Red-Teamer-diaries
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
AboutSecurity
Everything for pentest. | 用于渗透测试的 payload 和 bypass 字典.
AtlasLdr
Reflective x64 PE/DLL Loader implemented using Dynamic Indirect Syscalls
fuzzDicts
Web Pentesting Fuzz 字典,一个就够了。
Mindmap
This repository will contain many mindmaps for cyber security technologies, methodologies, courses, and certifications in a tree structure to give brief details about them
tomfansdwdf's Repositories
tomfansdwdf/akamai-security-research
This repository includes code and IoCs that are the product of research done in Akamai's various security research teams.
tomfansdwdf/AFLplusplus
The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!
tomfansdwdf/AIL-framework
AIL framework - Analysis Information Leak framework. Project moved to https://github.com/ail-project
tomfansdwdf/al-khaser
Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
tomfansdwdf/alpha-omega
Our mission is to catalyze sustainable improvements to critical open source software projects and ecosystems.
tomfansdwdf/angr
A powerful and user-friendly binary analysis platform!
tomfansdwdf/APT_REPORT
Interesting APT Report Collection And Some Special IOC
tomfansdwdf/atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
tomfansdwdf/BlueSpy
tomfansdwdf/capa-rules
Standard collection of rules for capa: the tool for enumerating the capabilities of programs
tomfansdwdf/cilium
eBPF-based Networking, Security, and Observability
tomfansdwdf/clair
Vulnerability Static Analysis for Containers
tomfansdwdf/ClickHouse
ClickHouse® is a free analytics DBMS for big data
tomfansdwdf/codechecker
CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy
tomfansdwdf/cpplinks
A categorized list of C++ resources.
tomfansdwdf/CVE-2024-1086
Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.
tomfansdwdf/fuzzbench
FuzzBench - Fuzzer benchmarking as a service.
tomfansdwdf/opencti
Open Cyber Threat Intelligence Platform
tomfansdwdf/oss-fuzz
OSS-Fuzz - continuous fuzzing for open source software.
tomfansdwdf/playwright
Playwright is a framework for Web Testing and Automation. It allows testing Chromium, Firefox and WebKit with a single API.
tomfansdwdf/rr
Record and Replay Framework
tomfansdwdf/rust-course
“连续六年成为全世界最受喜爱的语言,无 GC 也无需手动内存管理、极高的性能和安全性、过程/OO/函数式编程、优秀的包管理、JS 未来基石" — 工作之余的第二语言来试试 Rust 吧。<<Rust语言圣经>>拥有全面且深入的讲解、生动贴切的示例、德芙般丝滑的内容,甚至还有JS程序员关注的 WASM 和 Deno 等专题。这可能是目前最用心的 Rust 中文学习教程 / Book
tomfansdwdf/rustup
The Rust toolchain installer
tomfansdwdf/sonar-java
:coffee: SonarSource Static Analyzer for Java Code Quality and Security
tomfansdwdf/SVF
Static Value-Flow Analysis Framework for Source Code
tomfansdwdf/vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
tomfansdwdf/Vulnerability-REsearch
Binarly Vulnerability Research Advisories
tomfansdwdf/WinDbg-Samples
Sample extensions, scripts, and API uses for WinDbg.
tomfansdwdf/Windows-classic-samples
This repo contains samples that demonstrate the API used in Windows classic desktop applications.
tomfansdwdf/yeti
Your Everyday Threat Intelligence