A list of useful payloads and bypass for Web Application Security and Pentest/CTF

《FRIDA操作手册》by @hluwa @r0ysue

More than 21K security related open source tools, sorted by star count. Both in markdown and json format.

Awesome webshell collection. Including 150 Github repo, and 200+ blog posts.

A curated list of awesome Ghidra materials

Information Security mind map

Static analysis tool to detect potential nil panics in Go code

KCon is a famous Hacker Con powered by Knownsec Team.

Bypass android application SSL-pinning

TLS完全指南

Github Sensitive Information Leakage Monitor(Github信息泄漏监控系统)

记录学习codeql的过程

《深入理解CodeQL》Finding vulnerabilities with CodeQL.

🌵 RestfulHelper is for IntelliJ IDEA for quick navigation to URL mapping declarations.

Appshark is a static taint analysis platform to scan vulnerabilities in an Android app.

CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security

Android certificate pinning disable tools

网络信息安全从业者面试指南

solana copy sniper trading bot with zero latency, pump fun, pump swap, raydium launchpad, cpmm, clmm, meteora dbc, pumpfun mev

All-in-one & Easy-to-use. Integrate all your Xiaomi Smart Home - with a single integration and NO YAML files - into Home Assistant.

1000个PHP代码审计案例(2016.7以前乌云公开漏洞)

Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management

BinAbsInspector: Vulnerability Scanner for Binaries

Binary rewriting approach with fork server support to fuzz Java applications with afl-fuzz.

傻瓜式漏洞PoC测试框架

用于检测maven项目的第三方依赖组件是否存在安全漏洞。

安全测试平台

陌陌风控系统静态规则引擎，零基础简易便捷的配置多种复杂规则，实时高效管控用户异常行为。