whiskyy's Stars
opensec-cn/conote-community
Conote 综合安全测试平台社区版。
authelia/authelia
The Single Sign-On Multi-Factor portal for web apps
sindresorhus/pure
Pretty, minimal and fast ZSH prompt
seccome/Ehoney
安全、快捷、高交互、企业级的蜜罐管理系统,护网;支持多种协议蜜罐、蜜签、诱饵等功能。A safe, fast, highly interactive and enterprise level honeypot management system, supports multiple protocol honeypots, honeytokens, baits and other functions.
Tencent/secguide
面向开发人员梳理的代码安全指南
mo-xiaoxi/computer-network-security-papers-reading
研究生课程:计算机网络安全技术 作业汇总
assetnote/blind-ssrf-chains
An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability
vchinnipilli/kubestriker
A Blazing fast Security Auditing tool for Kubernetes
gobysec/Goby
Attack surface mapping
lijiejie/swagger-exp
A Swagger API Exploit
fit2cloud/riskscanner
RiskScanner 是开源的多云安全合规扫描平台,基于 Cloud Custodian 和 Nuclei 引擎,实现对主流公(私)有云资源的安全合规扫描和漏洞扫描。
atsushi-ishibashi/aws-alarm-metrics
huoji120/DuckMemoryScan
检测绝大部分所谓的内存免杀马
inguardians/peirates
Peirates - Kubernetes Penetration Testing tool
cdk-team/CDK
📦 Make security testing of K8s, Docker, and Containerd easier.
evilc0deooo/PentesterSpecialDict
构建并优化高效的渗透测试字典集合,以提升网络安全从业人员的测试效率和效果。
zhzyker/vulmap
Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞验证功能
semgrep/semgrep
Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
cujanovic/SSRF-Testing
SSRF (Server Side Request Forgery) testing resources
HatBoy/Struts2-Scan
Struts2全漏洞扫描利用工具
insightglacier/Dictionary-Of-Pentesting
Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
VoidSec/CVE-2020-1472
Exploit Code for CVE-2020-1472 aka Zerologon
euphrat1ca/Security-List
If you have any good suggestions or comments during the search process, please feedback some index experience in issues. Thank you for your participation.查阅过程中,如果有什么好的意见或建议,请在Issues反馈,感谢您的参与。
GraxCode/JByteMod-Beta
Java bytecode editor
tillson/git-hound
Reconnaissance tool for GitHub code search. Scans for exposed API keys across all of GitHub, not just known repos and orgs.
hacklcx/HFish
安全、可靠、简单、免费的企业级蜜罐
broken5/Shots
docker/docker-bench-security
The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in production.
kubernetes/committee-security-response
Kubernetes Security Process and Security Committee docs
freach/kubernetes-security-best-practice
Kubernetes Security - Best Practice Guide