mysec007 Goto Github PK
Name: sec-007
Type: Organization
Name: sec-007
Type: Organization
目标是:成为最优秀的安全资源框架
2021hvv漏洞汇总
ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
常用服务器、数据库、中间件安全配置基线 - 基本包括了所有的操作系统、数据库、中间件、网络设备、浏览器,安卓、IOS、云的安全配置 For benchmarks.cisecurity.org
CVE-2019-1040 with Exchange
Impacket implementation of CVE-2021-1675
RDL的堆溢出导致的RCE
原文已被作者删除,备份用,非原创,EXP & POC
检测RDL服务是否运行,快速排查受影响资产
cve-search - a tool to perform local searches for known vulnerabilities
Exploit PoC for CVE-2024-32002
定时任务管理系统
《攻防映射图:ATT&CK攻击技术与SHIELD防御技术》 详情:https://mp.weixin.qq.com/s/3-GKn9Vq92VcH-TjjbmDYQ
A javaagent framework
《Kubernetes 加固手册》(美国国家安全局出品)- https://jimmysong.io/kubernetes-hardening-guidance
CVE、CMS、中间件漏洞检测利用合集 Since 2019-9-15
Web Security Technology & Vulnerability Analysis Whitepapers
Alibaba-Nacos-Unauthorized/ApacheDruid-RCE_CVE-2021-25646/MS-Exchange-SSRF-CVE-2021-26885/Oracle-WebLogic-CVE-2021-2109_RCE/RG-CNVD-2021-14536/RJ-SSL-VPN-UltraVires/Redis-Unauthorized-RCE/TDOA-V11.7-GetOnlineCookie/VMware-vCenter-GetAnyFile/yongyou-GRP-U8-XXE/Oracle-WebLogic-CVE-2020-14883/Oracle-WebLogic-CVE-2020-14882/Apache-Solr-GetAnyFile/F5-BIG-IP-CVE-2021-22986/Sonicwall-SSL-VPN-RCE/GitLab-Graphql-CNVD-2021-14193/D-Link-DCS-CVE-2020-25078/WLAN-AP-WEA453e-RCE/360TianQing-Unauthorized/360TianQing-SQLinjection/FanWeiOA-V8-SQLinjection/QiZhiBaoLeiJi-AnyUserLogin/QiAnXin-WangKangFirewall-RCE/金山-V8-终端安全系统/NCCloud-SQLinjection/ShowDoc-RCE
PowerSploit - A PowerShell Post-Exploitation Framework
远程探测 remote desktop licensing 服务开放情况,用于 CVE-2024-38077 漏洞快速排查
基于Threathunting-book基础上完善的狩猎视角红队handbook
戎码之眼是一个window上的基于att&ck模型的威胁监控工具.有效检测常见的未知威胁与已知威胁.防守方的利剑
Chinese safety prompts for evaluating and improving the safety of LLMs. 中文安全prompts,用于评估和提升大模型的安全性。
一个方便安全研究人员获取每日安全日报的爬虫和推送程序,目前爬取范围包括先知社区、安全客、Seebug Paper、跳跳糖、奇安信攻防社区、棱角社区以及绿盟、腾讯玄武、天融信、360等实验室博客,持续更新中。
面向开发人员梳理的代码安全指南
一些常见的安全检测规则及事件
大安全各领域各公司各会议分享的PPT
collect
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.