Starred repositories
2025年5月更新,目前国内可用Docker镜像源汇总,DockerHub国内镜像加速列表,🚀DockerHub镜像加速器
纯 Java 实现的 MySQL Fake Server | 支持 GUI 版和命令行版 | 支持反序列化和文件读取的利用方式 | 支持常见的 GADGET 和自定义 GADGET 数据 | 根据目标环境自动生成匹配的 PAYLOAD | 支持 PGSQL 和 DERBY 的利用
A comprehensive, intelligent, easy-to-use, and lightweight AI Infrastructure Vulnerability Assessment and MCP Server Security Analysis Tool.
Visual testing tool for MCP servers
A tool specifically designed for Kubernetes environments aims to efficiently and automatically discover hidden vulnerable APIs within clusters.
A Nuclei security scanning server based on MCP (Model Control Protocol), providing convenient vulnerability scanning services.一个基于 MCP (Model Control Protocol) 的 Nuclei 安全扫描服务器,提供便捷的漏洞扫描服务。
A comprehensive security checklist for MCP-based AI tools. Built by SlowMist to safeguard LLM plugin ecosystems.
A toolset to juggle AWS roles for persistent access
AI-Powered Python & Python-Powered AI (Python-Use)
KernJC: Automated Vulnerable Environment Generation for Linux Kernel Vulnerabilities (Best Practical Paper Award of RAID 2024)
本项目集成了全网优秀的攻防武器工具项目,包含自动化利用,子域名、目录扫描、端口扫描等信息收集工具,各大中间件、cms、OA漏洞利用工具,爆破工具、内网横向、免杀、社工钓鱼以及应急响应、甲方安全资料等其他安全攻防资料。
SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 check list
LdapNightmare is a PoC tool that tests a vulnerable Windows Server against CVE-2024-49113
A repository of breaches of AWS customers
Top disclosed reports from HackerOne
A replacement for "kubectl exec" that works over WebSocket connections.
超级SQL注入工具(SSQLInjection)是一款基于HTTP协议自组包的SQL注入工具,采用C#开发,直接操作TCP会话来进行HTTP交互,支持出现在HTTP协议任意位置的SQL注入,支持各种类型的SQL注入,支持HTTPS模式注入;支持以盲注、错误显示、Union注入等方式来获取数据;支持Access/MySQL/SQLServer/Oracle/PostgreSQL/DB2/SQL…
Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
MySQL Fake Server use to help MySQL Client File Reading and JDBC Client Java Deserialize