Log, Track, and Visualize your LLM Prompts and Chains

APT & CyberCriminal Campaign Collection

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetN…

Interesting APT Report Collection And Some Special IOC

🚀🚀 This is a 🎇🔥 REAL WORLD🔥 🎇 Malware Collection I have Compiled & analysed by researchers🔥 to understand more about Malware threats😈, analysis and mitigation🧐.

Automate the creation of a lab environment complete with security tooling and logging best practices

高危漏洞利用工具

Indicators of compromise (IOCs) collected from public resources and categorized by Qi-AnXin.

Analysis of malware and Cyber Threat Intel of APT and cybercriminals groups

A toolset to make a system look as if it was the victim of an APT attack

FuzzBench - Fuzzer benchmarking as a service.

A fuzzing framework for SMT solvers

JQF + Zest: Coverage-guided semantic fuzzing for Java.

Set of tests for fuzzing engines

Coverage-guided, in-process fuzzing for the JVM

Web Fuzzing Box - Web 模糊测试字典与一些Payloads，主要包含：弱口令暴力破解、目录以及文件枚举、Web漏洞...字典运用于实战案例：https://gh0st.cn/archives/2019-11-11/1

Recent Fuzzing Paper

Automatic SSRF fuzzer and exploitation tool

Web application fuzzer

DotDotPwn - The Directory Traversal Fuzzer

A toolset for network packet capture in Cloud/Kubernetes and Virtualized environment.

Draw.io libraries for threat modeling diagrams

A symbolic Java virtual machine for program analysis, verification and test generation

Fast web fuzzer written in Go

Phosphor: Dynamic Taint Tracking for the JVM

Common Web Managers Fuzz Wordlists

coverage guided fuzz testing for javascript

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

A list of useful payloads for Web Application Security and Pentest/CTF