企业级 AI 编程助手，专为 研发协作 和 研发管理 场景而设计。

A.S.E (AICGSecEval) is a repository-level AI-generated code security evaluation benchmark developed by Tencent Wukong Code Security Team.

T Wiki 云安全知识文库，可能是国内首个云安全知识文库？

快速解决app加密问题

一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具，可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如：Title、Domain、CDN、指纹信息、状态信息等。

高危漏洞利用工具

Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...

程序员在家做饭方法指南。Programmer's guide about how to cook at home (Simplified Chinese only).

一款长亭自研的完善的安全评估工具，支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档

Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the …

Native cross-platform ssh/sftp server compiled with graalvm, only 6m in size

CVE、CMS、中间件漏洞检测利用合集 Since 2019-9-15

CVE、CMS、中间件漏洞检测利用合集 Since 2019-9-15

绕过专业工具检测的Webshell研究文章和免杀的Webshell

CVE-2020-0688_EXP Auto trigger payload & encrypt method

PoC auto collect from GitHub.

Automatic bypass (brute force) waf

Upload, save and run keystroke injection payloads with an ESP8266 + ATMEGA32U4

网易云音乐第三方

Dzscan

Passive Security Scanner (被动式安全扫描器)

上传漏洞fuzz字典生成脚本

A Burp extension for generic extraction and reuse of data within HTTP requests and responses.

a new crawler based on python with more function including Network fingerprint search

收集了常见的设备默认用户名及密码和常见的用户名及弱口令

Penetration Testing Platform

A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑