A Business-Driven Real-World Financial Benchmark for Evaluating LLMs

CodeQL extractor for java, which don't need to compile java source

程序员延寿指南 | A programmer's guide to live longer

OSS-Fuzz - continuous fuzzing for open source software.

Awesome Golang Security resources 🕶🔐

A collective list of free APIs

边界打点后的自动化渗透工具

A service that analyzes docker images and scans for vulnerabilities

Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.

Six Degrees of Domain Admin

Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本，最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-…

SecHub provides a central API to test software with different security tools.

List of real-world threats against endpoint protection software

哥斯拉

Snyk CLI scans and monitors your projects for security vulnerabilities.

Automated Adversary Emulation Platform

Generate awesome word(docx) with template

Analyses your Java applications for open-source dependencies with known vulnerabilities, using both static analysis and testing to determine code context and usage for greater accuracy. https://ecl…

KubeLinter is a static analysis tool that checks Kubernetes YAML files and Helm charts to ensure the applications represented in them adhere to best practices.

超硬核！使用图数据技术发现软件漏洞

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous …

IDEA静态代码安全审计及漏洞一键修复插件

An email spoofing testing tool that aims to bypass SPF/DKIM/DMARC and forge DKIM signatures.🍻

🔥 MeterSphere 是新一代的开源持续测试工具，内置 AI 助手，让软件测试工作更简单、更高效，不再成为持续交付的瓶颈。

低代码框架，支持流式布局与自由布局拖拽编排，可视化拖拽、随意嵌套组合、实时渲染、实时辅助线展示、自由布局支持辅助对齐、支持自动吸附、实时组件间距展示、实时拖拽排序、状态域管理，可视化属性配置、可视化样式配置、多设备适配展示，支持逻辑渲染、模板字符变量、表达式、自定义方法、自定义状态

快速搭建各种漏洞环境(Various vulnerability environment)

Curating the best DevSecOps resources and tooling.

安全、可靠、简单、免费的企业级蜜罐

A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts to NT AUTHORITY\SYSTEM.

Open-source code analysis platform for C/C++/Java/Binary/Javascript/Python/Kotlin based on code property graphs. Discord https://discord.gg/vv4MH284Hc