收集整理漏洞EXP/POC,大部分漏洞来源网络，目前收集整理了1400多个poc/exp，长期更新。

cloudflare socks5 server

Free ChatGPT Site List 这儿为你准备了众多免费好用的ChatGPT镜像站点

📦 Make security testing of K8s, Docker, and Containerd easier.

一款完全被动监听的谷歌插件，用于高危指纹识别、蜜罐特征告警和拦截、机器特征对抗

Credentials recovery project

Pilot program for CVE submission through GitHub. CVE Record Submission via Pilot PRs ending 6/30/2023

A CAT called tabby ( Code Analysis Tool )

ThinkPHP漏洞综合利用工具, 图形化界面, 命令执行, 一键getshell, 批量检测, 日志遍历, session包含,宝塔绕过

Checklist of the most important security countermeasures when designing, testing, and releasing your API

Red Teaming & Pentesting checklists for various engagements

Java Decompile Tool GUI-JAVA反编译工具（界面版）

免杀webshell生成工具

GAS 漏洞利用框架

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

内网自动化快速打点工具｜资产探测｜漏洞扫描｜服务扫描｜弱口令爆破

The OWASP MASVS (Mobile Application Security Verification Standard) is the industry standard for mobile app security.

HTTP Protocol Stack Remote Code Execution Vulnerability CVE-2022-21907

rp++ is a fast C++ ROP gadget finder for PE/ELF/Mach-O x86/x64/ARM/ARM64 binaries.

项目是根据LandGrey/SpringBootVulExploit清单编写，目的hvv期间快速利用漏洞、降低漏洞利用门槛。

SpringBoot 相关漏洞学习资料，利用方法和技巧合集，黑盒安全评估 check list

红/蓝队环境自动化部署工具 | Red/Blue team environment automation deployment tool

Attack Surface Management & Red Team Simulation Platform 互联网攻击面管理&红队模拟平台

Nginx configuration static analyzer

安全思维导图集合

网络安全类公众号推荐，欢迎大家推荐

推箱子游戏（Windows/MFC）