分享 GitHub 上有趣、入门级的开源项目。Share interesting, entry-level open source projects on GitHub.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

AI coding assistant skill (Claude Code, Codex, OpenCode, Cursor, Gemini CLI, and more). Turn any folder of code, SQL schemas, R scripts, shell scripts, docs, papers, images, or videos into a querya…

A feed-forward 3D foundation model for reconstructing scenes from streaming data

HTTP parameter discovery suite.

A True Instrumentable Binary Emulation Framework

The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

Windows Exploit Suggester - Next Generation

This tool generates gopher link for exploiting SSRF and gaining RCE in various servers

Official pytorch implementation of the paper: "SinGAN: Learning a Generative Model from a Single Natural Image"

SSRF (Server Side Request Forgery) testing resources

AWS API Gateway management tool for creating on the fly HTTP pass-through proxies for unique IP rotation

CKIP Neural Chinese Word Segmentation, POS Tagging, and NER

New generation of wmiexec.py

gdb for pwn

system-design-primer 繁體中文翻譯計畫。原作者：https://github.com/donnemartin/system-design-primer

MySQL fake server for read files of connected clients

CVE-2020-0796 Remote Code Execution POC

DNS-Shell is an interactive Shell over DNS channel

Cloud-related research releases from the Rhino Security Labs team.

CVE-2025-49844 (RediShell)

PoC for triggering buffer overflow via CVE-2020-0796

cve-2020-0688

Encoder to bypass WAF filters using XOR operations.

CVE-2020-0796 Local Privilege Escalation POC

A static code analysis for WordPress (and PHP)

DDSpoof is a tool that enables DHCP DNS Dynamic Update attacks against Microsoft DHCP servers in AD environments.

Repo containing docker-compose files and setup scripts without having to clone the individual reternal components