Burp Suite Pro Loader & Keygen

JavaWeb漏洞审计工具，构建方法调用链并模拟栈帧进行分析。由于作者精力有限，可能不会再更新这个项目

A CAT called tabby ( Code Analysis Tool )

d18n is a data desensitization tool for RDBMS.

Antenna是58同城安全团队打造的一款辅助安全从业人员验证网络中多种漏洞是否存在以及可利用性的工具。其基于带外应用安全测试(OAST)通过任务的形式，将不同漏洞场景检测能力通过插件的形式进行集合，通过与目标进行out-bind的数据通信方式进行辅助检测。

A powerful browser crawler for web vulnerability scanners

碎遮SZhe_Scan Web漏洞扫描器，基于python Flask框架，对输入的域名/IP进行全面的信息搜集，漏洞扫描，可自主添加POC

Centralize Vulnerability Assessment and Management for DevSecOps Team

“火线～洞态IAST”是一款专为甲方安全人员、代码审计工程师和0 Day漏洞挖掘人员量身打造的辅助工具，可用于集成devops环境进行漏洞检测、作为代码审计的辅助工具和自动化挖掘0 Day。

RiskScanner 是开源的多云安全合规扫描平台，通过 Cloud Custodian 的 YAML DSL 定义扫描规则，实现对主流公(私)有云资源的安全合规扫描及使用优化建议。

CDK is an open-sourced container penetration toolkit, offering stable exploitation in different slimmed containers without any OS dependency. It comes with penetration tools and many powerful PoCs/…

Getting started with static program analysis. 静态程序分析入门教程。

go-zero is a web and rpc framework written in Go. It's born to ensure the stability of the busy sites with resilient design. Builtin goctl greatly improves the development productivity.

CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security (code scanning), LGTM.com, and LGTM Enterprise

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

Creating Data Flow Graphs from java input classes

🍯 A Most Convenient Honeypot Platform. 🐝🐝🐝 🐝🐝

XSS'OR - Hack with JavaScript.

Agent-less vulnerability scanner for Linux, FreeBSD, Container Image, Running Container, WordPress, Programming language libraries, Network devices

AWS SDK for JavaScript in the browser and Node.js

SpringBoot 相关漏洞学习资料，利用方法和技巧合集，黑盒安全评估 checklist

JSFinder is a tool for quickly extracting URLs and subdomains from JS files on a website.

Kubernetes中文指南/云原生应用架构实践手册 - https://jimmysong.io/kubernetes-handbook

A collection of various awesome lists for hackers, pentesters and security researchers

关注我要关注的—RSS本地阅读器

Spectre, Meltdown, Foreshadow, Fallout, RIDL, ZombieLoad vulnerability/mitigation checker for Linux & BSD