Come and join us, we need you!

New ways of breaking app-integrated LLMs

🐛 A list of writeups from the Google VRP Bug Bounty program

A pluggable, high-performance RPC framework written in golang

应急响应指南 / emergency response checklist

Protocol Buffer Validation - Go, Java, Python, and C++ Beta Releases!

Langflow is a low-code app builder for RAG and multi-agent AI applications. It’s Python-based and agnostic to any model, API, or database.

Tools and our test data developed for the HackAPrompt 2023 competition

A rouge mysql server supports reading files from most mysql libraries of multiple programming languages.

Simple golang library for retry mechanism

A cheatsheet for exploiting server-side SVG processors.

A tool for embedding XXE/XML exploits into different filetypes

This tool is just after the first refactoring pushed. Original is from Will Vandevanter (BuffaloWill). Only rearrange the code which will eventually make it easier to maintain and add new payloads.

A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)

Plain Python implementation of the MySQL protocol. It uses asyncio, so works only with Python 3.3+. It only implements the server partfor now.

MySQL Fake Server use to help MySQL Client File Reading and JDBC Client Java Deserialize

😍FeHelper--Web前端助手（Awesome！Chrome & Firefox & MS-Edge Extension, All in one Toolbox!）

A high performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar

🎥 Python and OpenCV-based scene cut/transition detection program & library.

The most scalable and customizable permission server on the market. Fix your slow or broken permission system with Google's proven "Zanzibar" approach. Supports ACL, RBAC, and more. Written in Go, …

Rogue MySql Server

BinAbsInspector: Vulnerability Scanner for Binaries

机器学习、深度学习、自然语言处理

Fair-code workflow automation platform with native AI capabilities. Combine visual building with custom code, self-host or cloud, 400+ integrations.

Scan and analyze OSS dependencies and licenses from compiled Go binaries

A lightweight tool to report on the licenses used by a Go package and its dependencies. Highlight! Versioned external URL to licenses can be found at the same time.

Collection of Facebook Bug Bounty Writeups

🐍 A toolkit for testing, tweaking and cracking JSON Web Tokens