计算机自学指南

清华大学计算机系课程攻略 Guidance for courses in Department of Computer Science and Technology, Tsinghua University

A list of public penetration test reports published by several consulting firms and academic security groups.

Gather and update all available and newest CVEs with their PoC.

渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve…

Fake Location

Automate the creation of a lab environment complete with security tooling and logging best practices

朋友圈转发截图生成工具（⚠️Fork 不是收藏，请勿在贡献代码以外的情况下 Fork！）

Web-Security-Learning

有关burpsuite的插件(非商店),文章以及使用技巧的收集(此项目不再提供burpsuite破解文件,如需要请在博客mrxn.net下载)---Collection of burpsuite plugins (non-stores), articles and tips for using Burpsuite, no crack version file

Windows System Call Tables (NT/2000/XP/2003/Vista/7/8/10/11)

Windows Events Attack Samples

HTTPLeaks - All possible ways, a website can leak HTTP requests

WADComs is an interactive cheat sheet, containing a curated list of offensive security tools and their respective commands, to be used against Windows/AD environments.

A library of pretexts to use on offensive phishing engagements.