互联网上的免费书籍

📚 免费的计算机编程类中文书籍，欢迎投稿

Metarget is a framework providing automatic constructions of vulnerable infrastructures.

⬆️ ☠️ 🔥 Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock

Cross platform GUI toolkit in Go inspired by Material Design

TerraformGoat is HXSecurity research lab's "Vulnerable by Design" multi cloud deployment tool.

Find, verify, and analyze leaked credentials

DNS Enumeration Script

In-depth attack surface mapping and asset discovery

Multi-Cloud Security Auditing Tool

A lightweight server clone of Azure Storage that simulates most of the commands supported by it with minimal dependencies

PyInstaller Extractor

Dex to Java decompiler

PE解析工具

An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.

RadASM v2

Scalable and efficient source of container resource metrics for Kubernetes built-in autoscaling pipelines.

An open source trusted cloud native registry project that stores, signs, and scans content.

《云原生安全：攻防实践与体系构建》资料仓库

一个想帮你总结所有类型的上传漏洞的靶场

Go by Example

🚀一款简洁高效的VuePress知识管理&博客(blog)主题

An SMB library in Go

httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.

Proof-of-Concept exploits for CVEs found by the team at Rhino Security Labs

JexBoss: Jboss (and Java Deserialization Vulnerabilities) verify and EXploitation Tool

渗透测试，渗透测试小技巧，渗透测试Tips，师傅们跟我一起维护更新吧~

HTTP/HTTP2/HTTP3/Socks4/Socks5/Shadowsocks/ShadowsocksR/SSH/Redirect/Pf TCP/UDP asynchronous tunnel proxy implemented in Python 3 asyncio.

Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本，最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-…

非付费会员，fofa数据采集工具