💻 Best practices and examples for using Claude Code - Anthropic’s terminal-native AI - for writing, editing, and refactoring code with deep project awareness, prompt design, and safe automation.

CodeQLpy是一款基于CodeQL实现的半自动化代码审计工具，目前仅支持java语言。实现从源码反编译，数据库生成，脆弱性发现的全过程，可以辅助代码审计人员快速定位源码可能存在的漏洞。

《深入理解CodeQL》Finding vulnerabilities with CodeQL.

Actions and Images for use in Learning Lab courses for CodeQL

Tutorial on Symbolic Execution. Hands-on session is based on the angr framework.

An step by step fuzzing tutorial. A GitHub Security Lab initiative

mirror of MIT krb5 repository

CVE-2024-3400-RCE

Decrypt encrypted SonicOSX firmware images

Integrate the DeepSeek API into popular softwares

Lightweight fuzzing of a memory snapshot using KVM

A statically compiled gdb/gdbserver-17.x repository

Python Juniper VPN Authenticator

A go-exploit to scan for Juniper firewalls vulnerable to CVE-2023-36845

Fuzz testing for go.

Redress - A tool for analyzing stripped Go binaries

poc for CVE-2024-38063 (RCE in tcpip.sys)

A benchmark suite containing 1 million compilable programs, mined from the largest public C repositories on GitHub.

a plugin to calculate complexity of executable's functions

IDA plugin for software complexity metrics assessment

SyzBridge is a research project that adapts Linux upstream PoCs to downstream distributions. It provides rich interfaces that allow you to do a lot of cool things with Syzbot bugs

Reverse Engineering: Decompiling Binary Code with Large Language Models

A plugin for IDA that can help to analyze binary file, it can be based on commonly used AI big models such as OpenAI and DeepSeek.

A Coverage Explorer for Reverse Engineers

Go symbol recovery tool

Collection of browser challenges

Include CVE vulnerability analyze， ctf pwn and documents for Browser-pwn