Lists (13)
Stars
Statistics of acceptance rate for the top conferences: Oakland, CCS, USENIX Security, NDSS.
CVE cache of the official CVE List in CVE JSON 5 format
HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug b…
A.S.E (AICGSecEval) is a repository-level AI-generated code security evaluation benchmark developed by Tencent Wukong Code Security Team.
📦 Make security testing of K8s, Docker, and Containerd easier.
An easy-to-learn/use static analysis framework for Java
Expose your FastAPI endpoints as Model Context Protocol (MCP) tools, with Auth!
This is my final project for CS50 course, this is a web application which helps user to take notes of their favorite tunes.
Zero shot vulnerability discovery using LLMs
A data pool-aware static analyzer to detect cross-layer threats in Android apps.
Open-source code analysis platform for C/C++/Java/Binary/Javascript/Python/Kotlin based on code property graphs. Discord https://discord.gg/vv4MH284Hc
CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security
A structure-aware grey box fuzzer based on modeling the input processing logic.
Collect awesome best papers from top AI conferences.
This repo collects the best papers from top 4 computer security conferences, including IEEE S&P, ACM CCS, USENIX Security, and NDSS.
Uncover the true IP address of websites safeguarded by Cloudflare & Others
Server-Side Template Injection and Code Injection Detection and Exploitation Tool
Find way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan, VirusTotal & Intelligence X!
A new version of Soot with a completely overhauled architecture
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
🐛 A list of writeups from the Google VRP Bug Bounty program
Corax for Java: A general static analysis framework for java code checking.
「🔑」A tool used to hunt down API key leaks in JS files and pages
Tool based on @gaasedelen's lighthouse frida tool modified for capturing coverage of Android executables.