A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.

An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer

Stealthy Stand Alone PHP Web Shell

解密哥斯拉webshell管理工具流量

清除基于java agent木马

A POC Remote Desktop (RDP) session hijack utility for disconnected sessions

A framework for secure and scalable network traffic analysis - https://netcap.io

Automatic bypass (brute force) waf

用Golang实现微信跳一跳游戏自动玩

A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑

A tool to dump the login password from the current linux user

A little tool to play with Windows security

Suricata rules for Emerging Threats and funkyness

A curated list of resources for learning about application security

Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intellig…

Static code analyser for security scanning

Raw-socket-based Logger Library for Nginx (based on ngx_lua)

Projects and POCs

ngx_lua_waf是一个基于lua-nginx-module(openresty)的web应用防火墙

A non-backtracking NFA/DFA-based Perl-compatible regex engine matching on large data streams

IronBee Development Tools

A tool for exploiting Moxie Marlinspike's SSL "stripping" attack.

Universal web application security sensor intended for real-time monitoring and defense.

WAF Research

Stealth tiny web shell

Chrome extension Exploitation Framework

Turning Nginx into a Full-fledged Web App Server

icecast Logs Parser

Web Application Security Scanner Framework

SQL / SQLI tokenizer parser analyzer