Killer Agent

HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug b…

AI infrastructure security assessment tool designed to discover and detect potential security risks in AI systems.

Pre-Built Vulnerable Environments Based on Docker-Compose

Java web common vulnerabilities and security code which is base on springboot and spring security

Attachment and official writeup for D^3CTF 2025's Pwn challenge - d3kheap2

《深入JDBC安全：特殊URL构造与不出网反序列化利用技术揭秘》对应研究总结项目 "Deep Dive into JDBC Security: Special URL Construction and Non-Networked Deserialization Exploitation Techniques Revealed" - Research Summary Project

Java 内存马开聚会 🎉

ctf awd比赛快速hook java题，提供一键流量转发，无痛修复

Directed Greybox Fuzzing with AFL

sec

A ground-truth fuzzing benchmark suite based on real programs with real bugs.

Research artifact for Oakland (S&P) 2024, "Titan: Efficient Multi-target Directed Greybox Fuzzing"

Windranger fuzzer compatible with llvm 16

AFL/AFL++ version FishFuzz

Run fuzzing experiments in Docker

CVE-2025-0282 is a critical vulnerability found in Ivanti Connect Secure, allowing Remote Command Execution (RCE) through a buffer overflow exploit.

american fuzzy lop - a security-oriented fuzzer

Nuclei AI - Browser Extension for Rapid Nuclei Template Generation

Hamster是基于mitmproxy开发的异步被动扫描框架，基于http代理进行被动扫描，主要功能为重写数据包、签名、漏洞扫描、敏感参数收集等功能（开发中）。

[CCS'24] An LLM-based, fully automated fuzzing tool for option combination testing.

Research artifact for Oakland (S&P) 2022, "BEACON: Directed Grey-Box Fuzzing with Provable Path Pruning"

For V8CTF M122