哥斯拉Hikvision综合安防后渗透插件，运行中心/web前台/MinIO 配置提取（解密）重置密码,还原密码。

An image upload and manage tool, base on PicGo

ZMap is a fast single packet network scanner designed for Internet-wide network surveys.

Redis primary/secondary replication RCE

Redis(<=5.0.5) RCE

Wrap Gemini CLI, Antigravity, ChatGPT Codex, Claude Code, Qwen Code, iFlow as an OpenAI/Gemini/Claude/Codex compatible API service, allowing you to enjoy the free Gemini 2.5 Pro, GPT 5, Claude, Qwe…

Lightweight coding agent that runs in your terminal

⭐️ A cross-platform CLI All-in-One assistant tool for Claude Code, Codex & Gemini CLI.

常见CTF出题脚本与解题脚本

⚡️ Open-source AI Gateway — Use any SDK to call 100+ LLMs. Built-in failover, load balancing, cost control & end-to-end tracing.

No One（无名）：Next Generation Polyglot Website Manager

A magisk module to enable VoLTE, VoWIFI and 5G on Google Pixel's unsupported countries.

Hide process,port,self under Linux using the ld_preload

多功能 java agent 内存马

网络信息安全从业者面试指南

一款支持自定义的 Java 回显载荷生成工具｜A customizable Java echo payload generation tool.

DeepAudit：人人拥有的 AI 黑客战队，让漏洞挖掘触手可及。国内首个开源的代码漏洞挖掘多智能体系统。小白一键部署运行，自主协作审计 + 自动化沙箱 PoC 验证。支持 Ollama 私有部署 ，一键生成报告。支持中转站。​让安全不再昂贵，让审计不再复杂。

src资产管理漏洞扫描平台，子域名爆破，端口扫描，站点发现，目录扫描，爬虫，漏洞扫描

承影，愿你在光影之间，找到属于自己的锋芒。开源的类 BurpSuite 应用 ChYing — may you find your own edge between light and shadow. An open-source, BurpSuite-like application.

WebSocket 内存马/Webshell，一种新型内存马/WebShell技术

关于红队方面的学习资料

n8n Ni8mare - Unauthenticated Arbitrary File Read to RCE Chain (CVSS 10.0)

Java Vulnerability Exploitation Platform

The cheat sheet about Java Deserialization vulnerabilities

关于学习java安全的一些知识,正在学习中ing,欢迎fork and star

[WIP] 整理过去我和K8s、容器、虚拟化相关的分享 🧐

Apereo CAS - Identity & Single Sign On for all earthlings and beyond.

a critical memory disclosure vulnerability in MongoDB's zlib compression handling. This tool allows security researchers to extract sensitive data from vulnerable MongoDB instances.

MySQL Fake Server use to help MySQL Client File Reading and JDBC Client Java Deserialize