Scans Software Bill of Materials (SBOMs) for security vulnerabilities

Scripts for interacting with MSRC portal data

A PoC that the USB port is an attack surface for a Mazda car's infotainment system and how Mazda hacks are made

Wannacry in-memory key recovery

Pre-Built Vulnerable Environments Based on Docker-Compose

快速搭建各种漏洞环境(Various vulnerability environment)

Free Security and Hacking eBooks

Repository of yara rules

Decrypted content of odd.tar.xz.gpg, swift.tar.xz.gpg and windows.tar.xz.gpg

Decrypted content of eqgrp-auction-file.tar.xz

Metasploit Framework

APT & CyberCriminal Campaign Collection

Struts Apache 2 based honeypot as well as a detection module for Apache 2 servers

Main Sigma Rule Repository

Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into Forensic Artifact Events for UEBA, Detect Exploitation events…

从零开始内网渗透学习

Twitter for Python!

Subdomain Analyzer

Machine Learning、Deep Learning、PostgreSQL、Distributed System、Node.Js、Golang

BinNavi is a binary analysis IDE that allows to inspect, navigate, edit and annotate control flow graphs and call graphs of disassembled code.

Scripts for Bro IDS and ELK Stack

Threat Analysis, Reconnaissance, and Data Intelligence System

Docker Container for Scumblr (github.com/netflix/scumblr)

Wooyun查询系统

A very simple way to find out which SSL ciphersuites are supported by a target.

SMBMap is a handy SMB enumeration tool

SQLi-Hunter is a simple HTTP / HTTPS proxy server and a SQLMAP API wrapper that makes digging SQLi easy.

HTTP weak pass scanner