神级Cursor Rule

COUN7ER is a researched and curated collection of atomic actions that incident responders can take to contain and evict adversary agency within their networks and assets.

A lightweight GPT model, trained to discover subdomains.

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

A curation of awesome papers, datasets and tools about network traffic analysis.

Elasticsearch EQL and GPT CLI POC

This is the repo of the research paper, "Evaluating Shallow and Deep Neural Networks for Network Intrusion Detection Systems in Cyber Security".

一款专注于 Java 主流 Web 中间件的内存马快速生成工具，致力于简化安全研究人员和红队成员的工作流程，提升攻防效率

A pure Unix shell script implementing ACME client protocol

Vulhub Vulnerability Reproduction Designated Platform

该资源是各种溯源图相关的论文和资源总结（含PPT），涉及APT攻击检测、入侵检测、流量日志检测、系统安全等领域，希望对大家有所帮助~

一款支持自定义的 Java 内存马生成工具｜A customizable Java in-memory webshell generation tool.

Process-aware, eBPF-based tcpdump

Teragrep PCRE 2 Library for Java

Universal and Transferable Attacks on Aligned Language Models

Collect JSP webshell of various implementation methods. 梳理和发现的JSP Webshell各种姿势

Defeating Windows User Account Control

BTrace - a safe, dynamic tracing tool for the Java platform

Static detection tool for runc and Docker "Leaky Vessels" vulnerabilities

Real - time non-invasive AOP framework container based on JVM

ZincSearch . A lightweight alternative to elasticsearch that requires minimal resources, written in Go.

内存马检测工具

Java Agent is a Java application probe of DongTai IAST, which collects method invocation data during runtime of Java application by dynamic hooks.

[WIP] 整理过去我和K8s、容器、虚拟化相关的分享 🧐

专注于JVM的运行时防御系统RASP

Performant type-checking for python.

A framework for developing alerting and detection strategies for incident response.

dperf: High-Performance Network Load Testing Tool Based on DPDK

A byte code analyzer for finding deserialization gadget chains in Java applications

拼多多apk内嵌提权代码，及动态下发dex分析