Modular and decentralised honeypot

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.

Malicious Microsoft Office document analyzer

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

A Simple Ransomware Vaccine

记录一下自己的病毒分析成果

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

《Linux提权方法论》

Arkime is an open source, large scale, full packet capturing, indexing, and database system.

一个攻防知识库。A knowledge base for red teaming and offensive security.

红队笔记

Generates malicious LNK file payloads for data exfiltration

Stealing Signatures and Making One Invalid Signature at a Time

红蓝对抗：钓鱼演练资源汇总&备忘录

千机-红队免杀木马自动生成器 Bypass defender、火绒、360等国内主流杀软 随机加密混淆shellcode快速生成免杀马

助力每一位RT队员，快速生成免杀木马

Modern C++ library for subscribing to registry changes

Python for Windows (pywin32) Extensions

User interface for recording and managing ETW traces

ETW Python Library

Damn Vulnerable Web Application (DVWA)

☕️ Java Security，安全编码和代码审计

Extracted Yara rules from Windows Defender mpavbase and mpasbase

Go middleware for net.Conn tracking (Prometheus/trace)

一个漏洞 PoC 知识库。A knowledge base for vulnerability PoCs(Proof of Concept), with 1k+ vulnerabilities.

Pingtunnel is a tool that send TCP/UDP traffic over ICMP

An Autonomous LLM Agent for Complex Task Solving

Python library to parse and convert Sigma rules into queries (and whatever else you could imagine)

The Sigma command line interface based on pySigma