List of companies that hire security people full remote.

kernel mode anti cheat

Use Jazzer to perform fuzzy testing of Apache POI

Create your own tiny chess bot!

A web front-end for password cracking and analytics

A wordlist that is kept up to date with the latest headlines to provide relevant words to human society

🔑 Hash type identifier (CLI & lib)

A list of public penetration test reports published by several consulting firms and academic security groups.

windows-kernel-exploits Windows平台提权漏洞集合

Content Security Policy Reporting Endpoint

Opsec considerations for each AWS GuardDuty finding type.

A collection of awesome security hardening guides, tools and other resources

Web application security scanner created by lcamtuf for google - Unofficial Mirror

nodejsscan is a static security code scanner for Node.js applications.

A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for learning Threat modeling and initial phases of security review.

Agile Threat Modeling Toolkit

Segment's Threat Modeling training for our engineers

The Secure Software Development Lifecycle (SSDLC) guidelines for engineering at Brightcove.

Automation for internal Windows Penetrationtest / AD-Security

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Password lists with top passwords to optimize bruteforce attacks

A container repository for my public web hacks!

Materials for OSCP exam

An `LD_PRELOAD` hack to make arbitrary programs work with systemd socket activation