🔐CNCF Security Technical Advisory Group -- secure access, policy control, privacy, auditing, explainability and more!

Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysis and hunting designed for intel and malware analysts as wel…

This project was conducted by the 10th KITRI BoB (Best of the Best), and recorded what we have done for vulnerability analysis of drones.

MS17-010

A repository of tools for pentesting of restricted and isolated environments.

GhostTunnel is a covert backdoor transmission method that can be used in an isolated environment.

Some IOT Integration of Technical Articles

Practical Ethical Hacking Labs 🗡🛡

☕️ Java Security，安全编码和代码审计

awesome-java-security-checklist(关于Java安全方面,Java基础/审计/修复/设计/规范)

D-Eyes为M-SEC社区一款检测与响应工具

泛微最近的漏洞利用工具（PS：2023）

An open source tool focused on software supply chain security. 墨菲安全专注于软件供应链安全，具备专业的软件成分分析（SCA）、漏洞检测、专业漏洞库。

Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...

Proof of Concepts

一个拦截 XSSI & 识别Web蜜罐的Chrome扩展

HCM宏景加解密工具

亿赛通电子文档安全管理系统-/UploadFileFromClientServiceForClient 任意文件上传漏洞

🔥🔥🔥持续更新的特征库. 2023hw

各种漏洞批量扫描poc、exp，涵盖未授权、RCE、文件上传、sql注入、信息泄露等

遵守规章制度关闭项目-使用JAVAFX图形化界面检测对HVV中常见的重点CMS系统和OA系统的已公开的漏洞进行验证。

Web安全工程师/信息安全工程师/渗透测试工程师 面试题库

A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.

GitHub 泄露监控系统(GitHub Sensitive Information Leakage Monitor Spider)

Veil 3.1.X (Check version info in Veil at runtime)

Veil Evasion is no longer supported, use Veil 3.0!

Some notes and examples for cobalt strike's functionality

KunLun-M是一个完全开源的静态白盒扫描工具，支持PHP、JavaScript的语义扫描，基础安全、组件安全扫描，Chrome Ext\Solidity的基础扫描。

一款内网综合扫描工具，方便一键自动化、全方位漏扫扫描。

Bypass firewall for traffic forwarding using webshell 一款使用webshell进行流量转发的出网工具