PDF补丁丁——PDF工具箱，可以编辑书签、剪裁旋转页面、解除限制、提取或合并文档，探查文档结构，提取图片、转成图片等等

基于Go编写的windows日志分析工具

Wiseflow is an agile information mining tool that extracts concise messages from various sources such as websites, WeChat official accounts, social platforms, etc. It automatically categorizes and …

很多镜像都在国外。比如 gcr 。国内下载很慢，需要加速。致力于提供连接全世界的稳定可靠安全的容器镜像服务。

Interesting APT Report Collection And Some Special IOC

Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀

🔐CNCF Security Technical Advisory Group -- secure access, policy control, privacy, auditing, explainability and more!

Binaries for the book Practical Malware Analysis

Navigate, operate, and browse faster with mouse gestures! A customizable Firefox mouse gesture add-on with a variety of different commands.

Collection of resources that are made by the Malware Research community

This map lists the essential techniques to bypass anti-virus and EDR

一款集成高危漏洞exp的实用性工具

⬆️ ☠️ 🔥 Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock

📚 网安类绝版图书

This is a step-by-step guide to implementing a DevSecOps program for any size organization

毕方智能云沙箱(Bold-Falcon)是一个开源的自动化恶意软件分析系统;

golang开发的iptables web 管理程序

This project is a SIEM with SIRP and Threat Intel, all in one.

Antenna是58同城安全团队打造的一款辅助安全从业人员验证网络中多种漏洞是否存在以及可利用性的工具。其基于带外应用安全测试(OAST)通过任务的形式，将不同漏洞场景检测能力通过插件的形式进行集合，通过与目标进行out-bind的数据通信方式进行辅助检测。

JAVA 插件化漏洞扫描器，Gui基于javafx。POC 目前集成 Weblogic、Tomcat、Shiro、Spring等。

Suricata IDS rules 用来检测红队渗透/恶意行为等，支持检测CobaltStrike/MSF/Empire/DNS隧道/Weevely/菜刀/冰蝎/挖矿/反弹shell/ICMP隧道等

使用多种WinAPI进行权限维持的CobaltStrike脚本，包含API设置系统服务，设置计划任务，管理用户等。

Linux enumeration tool for pentesting and CTFs with verbosity levels

记录安全方面的笔记/工具/漏洞合集

📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.

Arsenal is just a quick inventory and launcher for hacking programs

一款红队专用免杀木马生成器，基于shellcode生成绕过所有杀软的木马。