zhangyd-c's Stars
danielmiessler/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
nextauthjs/next-auth
Authentication for the Web.
aquasecurity/trivy
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
Lissy93/web-check
🕵️♂️ All-in-one OSINT tool for analysing any website
projectdiscovery/nuclei
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.
cure53/DOMPurify
DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
alyssaxuu/screenity
The free and privacy-friendly screen recorder with no limits 🎥
electerm/electerm
📻Terminal/ssh/telnet/serialport/RDP/VNC/sftp client(linux, mac, win)
prowler-cloud/prowler
Prowler is an Open Cloud Security tool for AWS, Azure, GCP and Kubernetes. It helps for continuos monitoring, security assessments and audits, incident response, compliance, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more.
chaitin/xray
一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
dexidp/dex
OpenID Connect (OIDC) identity and OAuth 2.0 provider with pluggable connectors
anchore/grype
A vulnerability scanner for container images and filesystems
aquasecurity/kube-bench
Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark
jeremylong/DependencyCheck
OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
anchore/syft
CLI tool and library for generating a Software Bill of Materials from container images and filesystems
Moriafly/SaltPlayerSource
Salt Player for Android Release, Feedback.
camunda/camunda-bpm-platform
C7 CE enters EOL in October 2025. Please check out C8 https://github.com/camunda/camunda – Flexible framework for workflow and decision automation with BPMN and DMN. Integration with Quarkus, Spring, Spring Boot, CDI.
camunda/camunda
Process Orchestration Framework
SonicCloudOrg/sonic-server
🎉Back end of Sonic cloud real machine platform. Sonic云真机平台后端服务。
jiji262/tianya-docs
精心收集的天涯神贴,不带水印,方便阅读
TideSec/WDScanner
WDScanner平台目前实现了如下功能:分布式web漏洞扫描、客户管理、漏洞定期扫描、子域名枚举、端口扫描、网站爬虫、暗链检测、坏链检测、网站指纹搜集、专项漏洞检测、代理搜集及部署等功能。
EASY233/Finger
一款红队在大量的资产中存活探测与重点攻击系统指纹探测工具
camunda/camunda-modeler
An integrated modeling solution for BPMN, DMN and Forms based on bpmn.io.
wwl012345/PasswordDic
渗透测试常用密码字典合集(持续更新)
zzzteph/weakpass
Weakpass collection of tools for bruteforce and hashcracking
camunda/camunda-platform
Links to Camunda Platform 8 resources, releases, and local development config
WICG/dbsc
qqqil/books
我读过的书。嘿嘿,分享给你。
camunda-community-hub/camunda-7-webapp-translations
The extension provides translations in 16 different languages (e.g., Japanese, Danish, Nepali, etc.) for Camunda 7 Tasklist, Cockpit Basic/Full, and Admin.
HummerRisk/cloud-custodian
Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources