Stars
Some setup scripts for security research tools.
🐩 Poodle (Padding Oracle On Downgraded Legacy Encryption) attack CVE-2014-3566 🐩
100-Days-Of-ML-Code中文版
Typed interactions with the GitHub API v3
Collection of commands, tips and tricks and references I found useful during preparation for OSCP exam.
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…
🍭 Wow, such a lovely HTML5 danmaku video player
Full Stack Web Development with Flask.
🔥 CHAOS is a free and open-source Remote Administration Tool that allow generate binaries to control remote operating systems.
CMS Detection and Exploitation suite - Scan WordPress, Joomla, Drupal and over 180 other CMSs
Transparent proxy server that works as a poor man's VPN. Forwards over ssh. Doesn't require admin. Works with Linux and MacOS. Supports DNS tunneling.
A tool mainly to erase specified records from Windows event logs, with additional functionalities.
This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or an…
常用服务器、数据库、中间件安全配置基线 - 基本包括了所有的操作系统、数据库、中间件、网络设备、浏览器,安卓、IOS、云的安全配置 For benchmarks.cisecurity.org
Bypassing WAF by abusing SSL/TLS Ciphers
Perform a MitM attack and extract clear text credentials from RDP connections