Stars
A command-line client for SQL Server with auto-completion and syntax highlighting
🐳 Docker image with Oracle Database 12c on board
Step into my GitHub treasure trove—an immersive collection of comprehensive notes chronicling my Certified Ethical Hacker (CEH) lab escapades. Journey through the intricate art of hacking, traversi…
CEH Practical Exam Notes (ilab), Blog and video
My Personal Notes that I used on the Exam as a Cheatsheet
一个高价值漏洞采集与推送服务 | collect valueable vulnerability and push it
🚨ATTENTION🚨 The CVE mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here as an archive.
Replication package for the paper "Automatic Mapping of Unstructured Cyber Threat Intelligence: An Experimental Study" published at the IEEE International Symposium on Software Reliability Engineer…
Tools for conducting analysis of CVE data in Elasticsearch
Download all epss data, and import database. We can explore the data by SQL querys!
A multi-label classifier to categorize text in one of the STRIDE categories
TRAM is an open-source platform designed to advance research into automating the mapping of cyber threat intelligence reports to MITRE ATT&CK®.
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…
Linux enumeration tool for pentesting and CTFs with verbosity levels
match command-line arguments to their help text
Fully customisable, offensive security reporting solution designed for pentesters, red teamers and other security-related people alike.
An AI-powered threat modeling tool that leverages OpenAI's GPT models to generate threat models for a given application based on the STRIDE methodology.
Automatic SSRF fuzzer and exploitation tool
pagodo (Passive Google Dork) - Automate Google Hacking Database scraping and searching
WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
A basic tool to check security headers of a website
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
A curated list of amazingly awesome Burp Extensions
Automated All-in-One OS Command Injection Exploitation Tool.
Unicode Steganography with Zero-Width Characters, rewrite according to https://330k.github.io/misc_tools/unicode_steganography.html