The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

Run PowerShell command without invoking powershell.exe

A framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks

DKMC - Dont kill my cat - Malicious payload evasion tool

A Pythonic framework for threat modeling

Scripts I use during pentest engagements.

Docker image with Meinheld and Gunicorn for Flask applications in Python.

🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.

A grammar-based custom mutator for AFL++

一款Web在线自动免杀工具

a low(zero) cost threat intelligence&response tool against phishing domains

A python based cross-platform tool that automates the process of detecting and exploiting error-based injection security flaws.

Create a netflix-like service using Django. Learn advanced Django techniques to achieve amazing results like never before.

WgpSec Team IGScan 一款信息收集工具

APT2 is a pentest automation framework that can be used to assist pentesters, blue team members, and others in identifying easily exploitable issues and common attack paths.

Creating infrastructure and running applications using different platforms