New ways of breaking app-integrated LLMs

[CCS'24] A dataset consists of 15,140 ChatGPT prompts from Reddit, Discord, websites, and open-source datasets (including 1,405 jailbreak prompts).

Universal and Transferable Attacks on Aligned Language Models

The Security Toolkit for LLM Interactions

Papers and resources related to the security and privacy of LLMs 🤖

Galah: An LLM-powered web honeypot.

Official repository for our NeurIPS 2023 paper "Paraphrasing evades detectors of AI-generated text, but retrieval is an effective defense" (https://arxiv.org/abs/2303.13408).

[WIP] 整理过去我和K8s、容器、虚拟化相关的分享 🧐

猫抓 浏览器资源嗅探扩展 / cat-catch Browser Resource Sniffing Extension

A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.

dperf: High-Performance Network Load Testing Tool Based on DPDK

经济学相关专业资料集

Proactive, Open source API security → API discovery, API Security Posture, Testing in CI/CD, Test Library with 1000+ Tests, Add custom tests, Sensitive data exposure

scalpel是一款命令行漏洞扫描工具，支持深度参数注入，拥有一个强大的数据解析和变异算法，可以将常见的数据格式（json, xml, form等）解析为树结构，然后根据poc中的规则，对树进行变异，包括对叶子节点和树结构 的变异。变异完成之后，将树结构还原为原始的数据格式。

Metlo is an open-source API security platform.

Authenticated Remote Command Execution in Gitlab via GitHub import

Recent Fuzzing Paper

Improve the security of your API by detecting common vulnerabilities as defined by OWASP and enforced with Spectral.

网络安全类公众号推荐，欢迎大家推荐

The Magic Mask for Android

Checklist of the most important security countermeasures when designing, testing, and releasing your API

🧡 Everything is RSSible

网络安全、信息安全资讯的RSS订阅，网络安全、信息安全博客的RSS订阅，网络安全、信息安全公众号的RSS订阅

Nginx + TTRSS / FreshRSS + RSSHub 整合 docker 容器化一键部署方案.

a CLI that provides a generic automation layer for assessing the security of ML models

Packer Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack.

KunLun-M是一个完全开源的静态白盒扫描工具，支持PHP、JavaScript的语义扫描，基础安全、组件安全扫描，Chrome Ext\Solidity的基础扫描。

CATS is a REST API Fuzzer and negative testing tool for OpenAPI endpoints. CATS automatically generates, runs and reports tests with minimum configuration and no coding effort. Tests are self-heali…

Capturing SSL/TLS plaintext without a CA certificate using eBPF. Supported on Linux/Android kernels for amd64/arm64.