Next Terminal是一个简单好用安全的开源交互审计系统，支持RDP、SSH、VNC、Telnet、Kubernetes协议。

一个还算强大的Web思维导图。A relatively powerful web mind map.

Display and control your Android device

微信小程序反编译工具，.wxapkg 文件扫描 + 解密 + 解包工具

eBPF-based Security Observability and Runtime Enforcement

安卓应用安全学习

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

The Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks reconnaissance and MITM attacks.

Come and join us, we need you!

Collections of Orange Tsai's public presentation slides.

高危漏洞利用工具

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

SpringBoot 相关漏洞学习资料，利用方法和技巧合集，黑盒安全评估 check list

Web path scanner

iOS/macOS Research Swiss Army Knife

Maybe the most detailed analysis of pdd backdoors

A curated list of useful resources that cover Offensive AI.

Project Wycheproof tests crypto libraries against known attacks.

一键反编译工具(不需要手动安装Python) One key for quickly decompile apk/aar/dex/jar, support by jadx/dex2jar/enjarify.

拼多多apk内嵌提权代码，及动态下发dex分析

A collection of links related to Linux kernel security and exploitation

Companion labs to "An Exploration of JSON Interoperability Vulnerabilities"

A declarative static analysis tool for jvm bytecode based Datalog like CodeQL

An easy-to-learn/use static analysis framework for Java

一个利用ASM对字节码进行污点传播分析的静态代码审计应用（添加了大量代码注释，适合大家进行源码学习）。也加入了挖掘Fastjson反序列化gadget chains和SQLInject（JdbcTemplate、MyBatis、JPA、Hibernate、原生jdbc等）静态检测功能。并且加入了很多功能以方便进行漏洞自动化挖掘。

GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux

Example of passing file descriptors into a container to perform a privilege escalation on the host

a rep for documenting my study, may be from 0 to 0.1

veinmind-tools 是由长亭科技自研，基于 veinmind-sdk 打造的容器安全工具集