FT3: Fraud Tools, Tactics, and Techniques Framework

gpt-oss-120b and gpt-oss-20b are two open-weight language models by OpenAI

Operation Archive - Saving the history behind Cybercriminal Arrests, Documentation, Raids, Seizures, and more!

A small collection of potentially useful contract templates

CodeQL workshop presented during OrangeCon 2024 in Amsterdam. Learn how to use CodeQL for security research.

Proof of Concepts for unsafe deserialization in Ruby

Collection of community-driven CodeQL query, library and extension packs

收集、整理、修改互联网上公开的漏洞POC

A simple, modern and secure encryption tool (and Go library) with small explicit keys, no config options, and UNIX-style composability.

Our mission is to catalyze sustainable improvements to critical open source software projects and ecosystems.

Small and highly portable detection tests based on MITRE's ATT&CK.

CodeQL zero to hero blog post series challenges

CodeQL database manager

Manage Android machines with pre-defined behaviors for Cyber Range environments.

Gather and update all available and newest CVEs with their PoC.

A command line tool and library for transferring data with URL syntax, supporting DICT, FILE, FTP, FTPS, GOPHER, GOPHERS, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, MQTT, POP3, POP3S, RTMP, RTMPS, RTSP…

Python source code auditing and static analysis on a large scale

Vulnerabilities of Goby supported with exploitation.

a Damn Vulnerable Serverless Application

Fastjson <= 1.2.47 远程命令执行漏洞利用工具及方法

A curated list of argument injection vectors

A work-in-progress Idea to generate stories where your own children are the main characters

SARIF Microsoft Visual Studio Viewer Extension

GitHub token permissions Monitor and Advisor actions

Run CodeQL queries at scale using Multi-Repository Variant Analysis (MRVA)

A GitHub Security Lab initiative, providing an in-repo learning experience, where learners secure intentionally vulnerable code.

gh-cdr