Pinned Repositories
godlp
sensitive information protection toolkit
semgrep
Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
awesome-data-security-cn
awesome data security methodology and practice
GPTSecurity
塑造未来的安全领域智能革命
ICSScan
Graduation Project : ICS Vulnerability Scanner
icstools
ics security tools
lvs-autoload
自动调节lvs负载均衡策略,使其整个集群框架都均衡起来
ngx_lua_waf
ngx_lua_waf是一个基于lua-nginx-module(openresty)的web应用防火墙
opman-tornado
运维管理
security-guide-for-developers
Security Guide for Developers (实用性开发人员安全须知)
tuhaolam's Repositories
tuhaolam/awesome-data-security-cn
awesome data security methodology and practice
tuhaolam/GPTSecurity
塑造未来的安全领域智能革命
tuhaolam/awesome-devsecops
An authoritative list of awesome devsecops tools with the help from community experiments and contributions.
tuhaolam/awesome-privacy-chinese
[WIP]国内隐私合规技术交流
tuhaolam/Awesome-Red-Teaming
List of Awesome Red Teaming Resources
tuhaolam/awesome-risk-management
tuhaolam/awesome-yara
A curated list of awesome YARA rules, tools, and people.
tuhaolam/awesome-zero-trust-cn
awesome zero trust methodology and practice
tuhaolam/Benchmark
OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web app written in Java, it supports analysis by Static (SAST), Dynamic (DAST), and Runtime (IAST) tools that support Java. The idea is that since it is fully runnable and all the vulnerabilities are actually exploitable, it’s a fair test for any kind of vulnerability detection tool. For more details on this project, please see the OWASP Benchmark Project home page.
tuhaolam/codeql-javascript-unsafe-jquery-plugin
tuhaolam/codeql-uboot
tuhaolam/demo_test
tuhaolam/django-todo
A multi-user, multi-group todo/ticketing system for Django projects. Includes CSV import and integrated mail tracking.
tuhaolam/DNSLog-Platform-Golang
DNSLOG平台 golang 一键启动版
tuhaolam/godoc-repair
godoc repairman - repair code documentation with godoc format
tuhaolam/Hacking-with-Go
Golang for Security Professionals
tuhaolam/IPinfo
整合多接口的IP查询工具。
tuhaolam/Loki
Loki - Simple IOC and Incident Response Scanner
tuhaolam/maching-learning-for-web_security
web安全机器学习入门
tuhaolam/monkey
Infection Monkey - An automated pentest tool
tuhaolam/nuclei_gpt
Chat automates Nuclei template generation
tuhaolam/OpsManage
自动化运维平台: 代码及应用部署CI/CD、资产管理CMDB、计划任务管理平台、SQL审核|回滚、任务调度、站内WIKI
tuhaolam/pentest-wiki
PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.
tuhaolam/PHP-Audit-Labs
一个关于PHP的代码审计项目
tuhaolam/ThinkPHP-Vuln
关于ThinkPHP框架的历史漏洞分析集合
tuhaolam/trivy
A Simple and Comprehensive Vulnerability Scanner for Containers, Suitable for CI
tuhaolam/vulnerable-node
A very vulnerable web site written in NodeJS with the purpose of have a project with identified vulnerabilities to test the quality of security analyzers tools tools
tuhaolam/vulscan-1
vulscan 扫描系统:最新的poc&exp漏洞扫描,redis未授权、敏感文件、java反序列化、tomcat命令执行及各种未授权扫描等...
tuhaolam/WebMap
WebMap-Nmap Web Dashboard and Reporting
tuhaolam/xsshunter
The XSS Hunter service - a portable version of XSSHunter.com