Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

A vulnerability scanner for container images and filesystems

OpenSCA is an open source software supply chain security solution that supports the detection of open source dependencies, vulnerabilities and license compliance with a widely noticed accuracy by t…

ZKar is a Java serialization protocol analysis tool implement in Go.

OSV-SCALIBR: A library for Software Composition Analysis

xp_cmdshell与sp_oacreate执行命令回显和clr加载程序集执行相应操作，上传，job等相应操作。

利用阿里云oss对象存储，来转发http流量实现（cs）Cobalt Strike、msf 上线等 这之间利用阿里云的相关域名进行通信。

Dependency Parser for Multiple Programming Languages

一个用于 AI 驱动的渗透测试竞赛的**模型上下文协议 (MCP)** 服务器。该工 具提供了一个完整的 API 接口，使 LLM 能够自主参与 CTF 挑战。

该项目是通过go语言实现防止rmi利用被反置的问题。