#
S4ndxBeGrasped
Follow
Lists (6)
Starred repositories
CodeQLpy是一款基于CodeQL实现的半自动化代码审计工具,目前仅支持java语言。实现从源码反编译,数据库生成,脆弱性发现的全过程,可以辅助代码审计人员快速定位源码可能存在的漏洞。
Android APP漏洞之战系列,主要讲述如何快速挖掘APP漏洞
EDR & Antivirus Bypass to Gain Shell Access
一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具,可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如:Title、Domain、CDN、指纹信息、状态信息等。
针对SpringBoot的开源渗透框架,以及Spring相关高危漏洞利用工具
HopLa Burp Suite Extender plugin - Adds autocompletion support and useful payloads in Burp Suite
Capturing SSL/TLS plaintext without a CA certificate using eBPF. Supported on Linux/Android kernels for amd64/arm64.
该资源为系统安全和逆向分析实验,包括作者从零学习恶意代码分析、病毒逆向分析的工具及样本,基础性文章,希望对您有所帮助~
OpenSCA is an open source software supply chain security solution that supports the detection of open source dependencies, vulnerabilities and license compliance with a widely noticed accuracy by t…
♾️ Collection of DevSecOps Notes + Resources + Courses + Tools
veinmind-tools 是由长亭科技自研,基于 veinmind-sdk 打造的容器安全工具集
OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
Fragtunnel is a proof-of-concept (PoC) TCP tunnel tool that you can use to tunnel your application's traffic and bypass next-generation firewalls en route to the target.
BCC - Tools for BPF-based Linux IO analysis, networking, monitoring, and more
mysql-sniffer is a network traffic analyzer tool for mysql, it is developed by Qihoo DBA and infrastructure team
vArmor is a cloud native container sandbox system based on AppArmor/BPF/Seccomp. It also includes multiple built-in protection rules that are ready to use out of the box.
一款支持自定义的 Java 内存马生成工具|A customizable Java in-memory webshell generation tool.
《Go语言安全-只有Go安全才能拯救地球》Only Golang Security Can Save The Earth.
Alternative Shellcode Execution Via Callbacks
A curated list of GPT agents for cybersecurity