A command-line client for SQL Server with auto-completion and syntax highlighting

🐳 Docker image with Oracle Database 12c on board

A fast TCP/UDP tunnel over HTTP

game of active directory

Step into my GitHub treasure trove—an immersive collection of comprehensive notes chronicling my Certified Ethical Hacker (CEH) lab escapades. Journey through the intricate art of hacking, traversi…

CEH Practical Exam Notes (ilab), Blog and video

My Personal Notes that I used on the Exam as a Cheatsheet

一个高价值漏洞采集与推送服务 | collect valueable vulnerability and push it

🚨ATTENTION🚨 The CVE mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here as an archive.

Replication package for the paper "Automatic Mapping of Unstructured Cyber Threat Intelligence: An Experimental Study" published at the IEEE International Symposium on Software Reliability Engineer…

Tools for conducting analysis of CVE data in Elasticsearch

Download all epss data, and import database. We can explore the data by SQL querys!

A multi-label classifier to categorize text in one of the STRIDE categories

TRAM is an open-source platform designed to advance research into automating the mapping of cyber threat intelligence reports to MITRE ATT&CK®.

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

Linux enumeration tool for pentesting and CTFs with verbosity levels

match command-line arguments to their help text

Fully customisable, offensive security reporting solution designed for pentesters, red teamers and other security-related people alike.

An AI-powered threat modeling tool that leverages OpenAI's GPT models to generate threat models for a given application based on the STRIDE methodology.

Automatic SSRF fuzzer and exploitation tool

pagodo (Passive Google Dork) - Automate Google Hacking Database scraping and searching

WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.

A basic tool to check security headers of a website

🤖 The Modern Port Scanner 🤖

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

A curated list of amazingly awesome Burp Extensions

A GPT-empowered penetration testing tool

Automated All-in-One OS Command Injection Exploitation Tool.

Unicode Steganography with Zero-Width Characters, rewrite according to https://330k.github.io/misc_tools/unicode_steganography.html