This repository started out as a learning in public project for myself and has now become a structured learning map for many in the community. We have 3 years under our belt covering all things Dev…

Collections of awesome neovim plugins.

Quickly create and run optimised Windows, macOS and Linux virtual machines

A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

Some setup scripts for security research tools.

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

Linux privilege escalation auditing tool

VPS 融合怪服务器测评项目 更推荐使用无环境依赖的Go版本 VPS Fusion Monster Server Test Script – More recommended to use the Go version with no environment dependencies: https://github.com/oneclickvirt/ecs

Bash 教程

Git All the Payloads! A collection of web attack payloads.

An open-source, next-generation "runc" that empowers rootless containers to run workloads such as Systemd, Docker, Kubernetes, just like VMs.

[WIP] 整理过去我和K8s、容器、虚拟化相关的分享 🧐

Rockyou for web fuzzing

SSH-Snake is a self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery.

红/蓝队环境自动化部署工具 | Red/Blue team environment automation deployment tool

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

MacOS Big Sur style icon theme for linux desktops

grep rough audit - source code auditing tool

一分钟自建zerotier-planet

Asset inventory of over 800 public bug bounty programs.

Docker Enumeration, Escalation of Privileges and Container Escapes (DEEPCE)

微信公众号转RSS

CTF 工具集合

A community sourced list of log4j-affected software

一键提取安卓应用中可能存在的敏感信息。

An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects

基于ARL-V2.6.2修改后的版本

A Bash script and Docker image for Bug Bounty reconnaissance. Intended for headless use.

docker container escape check || Docker 容器逃逸检测