List of Computer Science courses with video lectures.

E-mails, subdomains and names Harvester - OSINT

coverage guided fuzz testing for javascript

DOM fuzzer

Certified Information Systems Security Professional (CISSP) notes

Automation&Workflow JavaScript IDE on Android(安卓平台上的JavaScript编程IDE)

The most comprehensive database of Chinese poetry 🧶最全中华古诗词数据库, 唐宋两朝近一万四千古诗人, 接近5.5万首唐诗加26万宋诗. 两宋时期1564位词人，21050首词。

Agent for collecting, processing, aggregating, and writing metrics, logs, and other arbitrary data.

Control and manage Android devices from your browser.

用于辅助安全工程师漏洞挖掘、测试、复现，集合了mock、httplog、dns tools、xss，可用于测试各类无回显、无法直观判断或特定场景下的漏洞。

Nginx configuration static analyzer

A little tool to play with Windows security

A powerful and user-friendly binary analysis platform!

一款长亭自研的完善的安全评估工具，支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档

Get callsites from the V8 stack trace API

Basic Electron Exploitation

This repository contains all the XSS cheatsheet data to allow contributions from the community.

⚙️ A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more. The focus is on tools which improve code quality.

CVE-2019-11043 PHP7.x RCE

An enterprise friendly way of detecting and preventing secrets in code.

BCC - Tools for BPF-based Linux IO analysis, networking, monitoring, and more

Node.js TOTP + HOTP library, with nice utilities for handing 2FA

awesome list of browser exploitation tutorials

CTF framework and exploit development library

APT & CyberCriminal Campaign Collection

The ZAP by Checkmarx Core project

w3af: web application attack and audit framework, the open source web vulnerability scanner.

Test suites for Web platform specs — including WHATWG, W3C, and others

各种安全大会PPT PDF