Periodic cyber security newsletters that capture the latest news, summaries of conference talks, research, best practices, tools, events, vulnerabilities, and analysis of trending threats and attacks

1,123 75 Updated Jul 12, 2025

BishopFox / sliver

Adversary Emulation Framework

Go 9,660 1,309 Updated Jun 30, 2025

Avienma / shellcode_loader

一款shellcode免杀工具，免杀测试对象火绒联想等其他杀软

51 9 Updated Jun 3, 2022

peass-ng / PEASS-ng

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

C# 17,907 3,256 Updated Jul 1, 2025

Airboi / bypass-av-note

免杀技术大杂烩---乱拳也打不死老师傅

1,085 180 Updated Mar 29, 2021

guchangan1 / All-Defense-Tool

本项目集成了全网优秀的攻防武器工具项目，包含自动化利用，子域名、目录扫描、端口扫描等信息收集工具，各大中间件、cms、OA漏洞利用工具，爆破工具、内网横向、免杀、社工钓鱼以及应急响应、甲方安全资料等其他安全攻防资料。

6,601 1,270 Updated Mar 18, 2025

LDrakura / Remote_ShellcodeLoader

远程shellcode加载&权限维持+小功能

C 298 66 Updated May 7, 2024

baidu / openrasp

🔥Open source RASP solution

C++ 2,887 617 Updated Jun 5, 2025

lzzbb / Adinfo

域信息收集工具

Go 400 34 Updated Sep 16, 2022

hasherezade / hollows_hunter

Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).

C 2,195 279 Updated May 25, 2025

SafeGroceryStore / MDUT

MDUT - Multiple Database Utilization Tools

Java 2,137 235 Updated Sep 22, 2023

piiperxyz / AniYa

免杀框架

Go 587 100 Updated Aug 1, 2022

Firebasky / Java

关于学习java安全的一些知识,正在学习中ing,欢迎fork and star

Java 780 147 Updated Jul 11, 2023

gmh5225 / awesome-game-security

awesome game security [Welcome to PR]

Python 2,509 356 Updated Jul 14, 2025

al0ne / suricata-rules

Suricata IDS rules 用来检测红队渗透/恶意行为等，支持检测CobaltStrike/MSF/Empire/DNS隧道/Weevely/菜刀/冰蝎/挖矿/反弹shell/ICMP隧道等

1,219 303 Updated Jul 8, 2023

Rvn0xsy / Invoke-x64dbg-loaddll

调用x64dbg中的loadll.exe白加黑示例代码

C 62 12 Updated Jun 18, 2024

birdhan / SecurityProduct

开源安全产品源码，IDS、IPS、WAF、蜜罐等

1,110 179 Updated Aug 9, 2024

ffffffff0x / 1earn

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

C++ 5,547 1,267 Updated Jun 6, 2024

jwt1399 / Sec-Tools

🍉一款基于Python-Django的多功能Web安全渗透测试工具，包含漏洞扫描，端口扫描，指纹识别，目录扫描，旁站扫描，域名扫描等功能。

Python 808 147 Updated Apr 20, 2024

daffainfo / AllAboutBugBounty

All about bug bounty (bypasses, payloads, and etc)

6,354 1,219 Updated Sep 8, 2023

jiaocoll / BeeScan-web

网络空间资产探测、网络测绘、Go语言、分布式、扫描、资产探测、资产测绘、红队、SRC | Cyberspace Asset Detection, Network Mapping, Go Language, Distributed, Scanning, Asset Detection, Asset Mapping, Red Team, SRC

CSS 407 56 Updated Aug 9, 2022

alcaparra / CVE-2022-26138

Atlassian Questions Hardcoded Password (CVE-2022-26138)

31 10 Updated Jul 26, 2022

moonD4rk / HackBrowserData

Extract and decrypt browser data, supporting multiple data types, runnable on various operating systems (macOS, Windows, Linux).

Go 12,543 1,680 Updated Jun 29, 2025

ZororoZ / fscanOutput

一个用于处理fsacn输出结果的小脚本（尤其面对大量资产的fscan扫描结果做输出优化，让你打点快人一步！！！）

Python 438 40 Updated Aug 28, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Storm0

Block or report Storm0

Stars

davinci1010 / pinduoduo_backdoor

4ra1n / shell-analyzer

LandGrey / spring-boot-upload-file-lead-to-rce-tricks

Drun1baby / JavaSecurityLearning

Y4tacker / JavaSec

MortalAndTry / ProxyRelay

TalEliyahu / awesome-security-newsletters