A list of SaaS, PaaS and IaaS offerings that have free tiers of interest to devops and infradev

计算机自学指南

An advanced guide to learn English which might benefit you a lot 🎉 . 离谱的英语学习指南/英语学习教程/英语学习/学英语

你管这破玩意叫操作系统源码 — 像小说一样品读 Linux 0.11 核心代码

GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

A list of public penetration test reports published by several consulting firms and academic security groups.

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous …

Gather and update all available and newest CVEs with their PoC.

渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve…

Web-Security-Learning

A Security Tool for Bug Bounty, Pentest and Red Teaming.

Go source code analysis(zh-cn)

有关burpsuite的插件(非商店),文章以及使用技巧的收集(此项目不再提供burpsuite破解文件,如需要请在博客mrxn.net下载)---Collection of burpsuite plugins (non-stores), articles and tips for using Burpsuite, no crack version file

Hosted Reverse Shell generator with a ton of functionality. -- (Great for CTFs)

Security-related Slide Presentation & Security Research Report（大安全各领域各公司各会议分享的PPT以及各类安全研究报告）

Web Fuzzing Box - Web 模糊测试字典与一些Payloads

🔐CNCF Security Technical Advisory Group -- secure access, policy control, privacy, auditing, explainability and more!

一个基于 docsify 快速部署 Awesome-POC 漏洞文档的项目。Deploying the Awesome-POC repository via docsify.

A dashboard UI for Node-RED

爬取secwiki和xuanwu.github.io/sec.today,分析安全信息站点、安全趋势、提取安全工作者账号(twitter,weixin,github等)

vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.

社会工程学密码生成器，是一个利用个人信息生成密码的工具

the transparent ransomware claim tracker 🥷🏼🧅🖥️

Everything for pentest. | 用于渗透测试的 payload 和 bypass 字典.

Java漏洞学习笔记 Deserialization Vulnerability

Lateral movement

Microsoft » Windows 10 : Security Vulnerabilities

[Service is DOWN now] A badge generator service to count visitors of your markdown file.

Powershell攻击指南----黑客后渗透之道