The OpenTF Manifesto expresses concern over HashiCorp's switch of the Terraform license from open-source to the Business Source License (BSL) and calls for the tool's return to a truly open-source …

🧠 Laws, Theories, Principles and Patterns for developers and technologists.

AI education materials for Chinese students, teachers and IT professionals.

Automate the creation of a lab environment complete with security tooling and logging best practices

Open-Source Unified Vulnerability Management, DevSecOps & ASPM

Quickly build HTML emails with Tailwind CSS.

An open collection of Python anti-patterns and worst practices.

CVE-2021-40444 PoC

Utilities for MITRE™ ATT&CK

So what is this all about? Yep, its an OSINT blog and a collection of OSINT resources and tools. Suggestions for new OSINT resources is always welcomed.

Retired beginner/intermediate malware analysis training materials from @pedramamini and @erocarrera.

Web App bug hunting

Automatically exported from code.google.com/p/domxsswiki

This is a collection of phishing templates and a landing page to be used with goPhish

Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT

A highly configurable Framework for easy automated web scanning

⌨️ Wordlists, Dictionaries and Other Data Sets for Writing Software Security Test Cases

A ground-truth fuzzing benchmark suite based on real programs with real bugs.

Android application fuzzing framework with fuzzers and crash monitor.

Web 端口敲门的奇思妙想

This is an exploit for CVE-2020-0674 that runs on the x64 version of IE 8, 9, 10, and 11 on Windows 7.

Basic C2 Server

Alter Firefox's built-in privacy settings easily with a toolbar panel

Windows Graphics Device Interface (GDI+) fuzzer

Windows EoP Bugs

A HTA shell to assist with breakout assessments.

DumpTheGit searches through public repositories to find sensitive information uploaded to the Github repositories.

PoC CVE-2021-30632 - Out of bounds write in V8