- 🎏安全圈的小学生
- 🌈大收藏家(收藏=学会
- 🏅目前在做的事:蓝队、样本分析
🎇Thanks for attention! 🍻
Type: User
Bio: 想成为程序员的白帽子
Twitter: Wh0ale
Location: China
Blog: https://www.notion.so/Blog-ce36338263d243058d7c6f8da0ff1ddf
tools
This repository was created and developed by Ammar Amer @cry__pto Only. Updates to this repository will continue to arrive until the number of links reaches 10000 links & 10000 pdf files .Learn Ethical Hacking and penetration testing .hundreds of ethical hacking & penetration testing & red team & cyber security & computer science resources.
Posters, drawings...
利用大量高威胁poc/exp快速获取目标权限,用于渗透和红队快速打点
PoCBox - 赏金猎人的脆弱性测试辅助平台(破300star写重构版本,400star免费线上版本开放,1000star开放重构全新版本!)
Public OSINT data
python安全和代码审计相关资料收集 resource collection of python security and code review
QQ群关系可视化查询3D力导向图
Wiki to collect Red Team infrastructure hardening resources
2019年红队资源链接,资源不是本人整理出来,来自互联网,因为流传的少,特意在此做个备份,做个分享。
BCS(北京网络安全大会)2019 红队行动会议重点内容
Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.
A FREE comprehensive reverse engineering course covering x86, x64, 32-bit ARM & 64-bit ARM architectures.
JAVA安全SDK及编码规范
The toolbox of open source scanners - 安全行业从业者自研开源扫描器合辑
一个2023届毕业生在毕业前持续更新、收集的安全岗面试题及面试经验分享~
信息安全实习和校招的面经、真题和资料 减少安全选手找实习/工作的痛苦
爬取secwiki和xuanwu.github.io/sec.today,分析安全信息站点、安全趋势、提取安全工作者账号(twitter,weixin,github等)
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
collect
SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.
The Shadow Brokers "Lost In Translation" leak
The idea is to collect all the C# projects that are Sharp{Word} that can be used in Cobalt Strike as execute assembly command.
Apache Shiro payload AES解密
Generic Signature Format for SIEM Systems
Automated pentest framework for offensive security experts
社工库查询系统
SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 checklist
工欲善其事,必先利其器
SSRF (Server Side Request Forgery) testing resources
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.