| github_id | title | url | org_url | org_profile | org_geo | org_repositories | org_people | org_projects | repo_lang | repo_star | repo_forks |
|---|---|---|---|---|---|---|---|---|---|---|---|
| Microsoft | hcsshim - 微软开源的利用 Windows Host Compute Service (HCS) 管理 Windows 容器的软件包 | https://github.com/Microsoft/hcsshim | https://opensource.microsoft.com | Open source, from Microsoft with love | Redmond, WA | 2392 | 4273 | 0 | C,TypeScript,Java,Vue,C#,JavaScript,C++,Python,Objective-C,HTML,F#,Jupyter,Ruby,PowerShell,HCL | 74300 | 10100 |
| mwrlabs | SharpGPOAbuse - MWR Labs 开发的基于 C# 的工具,用于滥用 GPO 编辑权限攻击该 GPO 控制的对象 | https://github.com/mwrlabs/SharpGPOAbuse | http://labs.mwrinfosecurity.com/ | Basingstoke, Johannesburg, London, Manchester, Singapore, New York | 43 | 0 | 0 | C,Java,Python,JavaScript,C++,C#,Objective-C,Assembly,Ruby,PowerShell,CSS | 1700 | 501 | |
| REhints | 从 UEFI 固件攻击硬件可信任架构(HROT) ,来自 offensive 2019 大会 | https://github.com/REhints/Publications/blob/master/Conferences/Bypassing%20Hardware%20Root%20of%20Trust/offcon2019_final.pdf | http://REhints.com | http://REhints.com | 10 | 2 | 0 | Python,C,Assembly,CSS,C++ | 1200 | 249 | |
| go-containerregistry - Google 开源了一个 Go 语言版本的 Docker Registry 交互工具 | https://github.com/google/go-containerregistry | https://opensource.google.com/ | Google ❤️ Open Source | https://opensource.google.com/ | 1460 | 2510 | 0 | C,TypeScript,Java,HTML,Python,JavaScript,C++,Dart,Haskell,Go,PHP,CSS | 0 | 0 | |
| rapid7 | Metasploit 框架新增了一个 LibreOffice CVE-2018-16858 漏洞的利用代码,该漏洞通过 Document 事件触发脚本代码执行 | https://github.com/rapid7/metasploit-framework/commit/22085113ad67c0716b7b0aa6adfdaf9f7c8b48f0 | http://www.rapid7.com/ | Boston, MA | 232 | 0 | 0 | C,Shell,Java,Python,JavaScript,HTML,Go,Ruby | 0 | 0 | |
| osquery - Facebook 开源的基于 SQL 实现的操作系统插桩、监控、分析框架 | https://github.com/facebook/osquery | https://opensource.fb.com | We are working to build community through open source technology. NB: members must have two-factor auth. | Menlo Park, California | 158 | 185 | 0 | C,Java,Python,JavaScript,OCaml,C++,Objective-C,Haskell,Swift | 0 | 0 | |
| OWASP | QRLJacking - 扫描恶意二维码劫持用户登录回话的社工技术分享 | https://github.com/OWASP/QRLJacking/tree/master/QRLJacker | http://www.owasp.org | The OWASP Foundation | http://www.owasp.org | 145 | 26 | 0 | C,Shell,Java,Python,Dockerfile,JavaScript,Perl,HTML,Go,Ruby,CSS | 0 | 0 |
| fox-it | adconnectdump - 从 Azure AD Connect 服务器中导出凭证的工具 | https://github.com/fox-it/adconnectdump | https://www.fox-it.com/ | https://www.fox-it.com/ | 31 | 1 | 0 | C,Shell,Python,Bro,HTML,Ruby,PowerShell | 0 | 0 | |
| comaeio | OPCDE 2019 会议的资料公开了 | https://github.com/comaeio/OPCDE/blob/master/README.md | http://www.comae.io | Dubai, UAE | 24 | 0 | 0 | C,Java,JavaScript,C++,Nginx,Smarty,PowerShell | 0 | 0 | |
| Coalfire-Research | DeathMetal - 针对 Intel AMT 的攻击工具集 | https://github.com/Coalfire-Research/DeathMetal | http://www.coalfirelabs.com | Advancing the state of the Infosec industry by providing cutting-edge research, open-source tools and tradecraft | http://www.coalfirelabs.com | 14 | 0 | 0 | C,Python,JavaScript,Lua,PowerShell,HCL | 0 | 0 |
| RhinoSecurityLabs | Apache Axis 由于代码中加载过期域名托管的资源导致的远程代码执行漏洞详情披露(CVE-2019-0227) | https://github.com/RhinoSecurityLabs/CVEs/blob/master/CVE-2019-0227/README.md | https://rhinosecuritylabs.com | A boutique penetration testing and security assessment firm in Seattle, WA. | Seattle, WA | 10 | 0 | 0 | Python,JavaScript,PowerShell,HCL | 0 | 0 |
| DigitalSecurity | nrf5x芯片固件反编译工具 | https://github.com/DigitalSecurity/nrf5x-tools | http://www.digitalsecurity.fr | Paris, France | 9 | 2 | 0 | Python,C,JavaScript,C++ | 0 | 0 | |
| NLua | NLua - Bridge between Lua and the .NET | https://github.com/NLua/NLua | http://nlua.org | http://nlua.org | 9 | 1 | 0 | C#,Lua,C,Shell,Perl | 0 | 0 | |
| Nothing2Hide | pcap_ioc: Python library to extract potential IOCs from a pcap file | https://github.com/Nothing2Hide/pcap_ioc | https://nothing2hide.org/ | Des outils pour protéger linformation | Internet | 9 | 0 | 0 | Python,Shell,PHP,CSS | 0 | 0 |
| sophoslabs | While parsing an HTML5 stream in concert with custom HTML elements. This results in the stream parser object being freed while still in use. | https://github.com/sophoslabs/CVE-2018-18500/ | https://www.sophos.com/en-us/labs.aspx | https://www.sophos.com/en-us/labs.aspx | 4 | 0 | 0 | Python,HTML | 0 | 0 | |
| opensec-cn | VTest - 漏洞测试辅助系统 | https://github.com/opensec-cn/vtest | https://opensec-cn.github.io | https://opensec-cn.github.io | 3 | 5 | 0 | Python,Go,HTML | 0 | 0 |
| github_id | title | url | p_url | p_profile | p_loc | p_company | p_repositories | p_projects | p_stars | p_followers | p_following | repo_lang | repo_star | repo_forks |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ruanyf | document-style-guide: 中文技术文档的写作规范 | https://github.com/ruanyf/document-style-guide | https://twitter.com/ruanyf | Shanghai, China | None | 56 | 0 | 234 | 52000 | 0 | JavaScript | 0 | 0 | |
| openbilibili | 哔哩哔哩(bilibili)站的源码疑似泄漏 | https://github.com/openbilibili/go-common | None | None | None | 0 | 0 | 0 | 2200 | 0 | 0 | 0 | ||
| taviso | swisstable - 访问 Abseil Swiss Tables 的小型 C 封装库 | https://github.com/taviso/swisstable | None | None | None | 11 | 0 | 9 | 1100 | 1 | C | 2600 | 193 | |
| clone95 | Virgilio: Your new Mentor for Data Science E-Learning | https://github.com/clone95/Virgilio | None | I graduated in Italy in IT Engineering, and im currently having my internship in a shiny AI startup. | Bologna, Italy | None | 22 | 0 | 35 | 685 | 29 | Python,Jupyter,PowerShell | 0 | 0 |
| jas502n | Weblogic 任意文件上传漏洞(CVE-2019-2618)的 Exploit | https://github.com/jas502n/cve-2019-2618/ | None | 1.misc 2.crypto 3. web 4. reverse 5. android 6. pwn 7. elf | None | None | 129 | 0 | 103 | 661 | 109 | Python,C,Shell,JavaScript,PHP | 294 | 106 |
| k8gege | K8tools: K8工具合集 | https://github.com/k8gege/K8tools | http://www.cnblogs.com/k8gege | USA | FBI | 10 | 0 | 9 | 594 | 1 | Python,C#,Ruby,PowerShell | 1200 | 500 | |
| travisgoodspeed | 利用 GHIDRA 逆向 Tytera MD380 的固件 | https://github.com/travisgoodspeed/md380tools/wiki/GHIDRA | None | None | None | 31 | 0 | 35 | 593 | 24 | Python,C,C++ | 593 | 190 | |
| ChiChou | 前两周 ChiChou 公开了多个 macOS 平台的多个应用的漏洞利用代码,包括微软 Microsoft AutoUpdate、Adobe Creative Cloud Desktop 以及 Feedback Assistant | https://github.com/ChiChou/sploits | https://github.com/alipay | 我要卖掉我的代码 浪迹天涯 | Beijing, China | @alipay | 53 | 0 | 1500 | 551 | 242 | Logos,C,Shell,JavaScript,C++,Objective-C,Vue | 1100 | 152 |
| xerub | voucher_swap - Exploit for P0 issue 1731 on iOS 12.1.2 | https://github.com/xerub/voucher_swap | None | None | None | 29 | 0 | 0 | 447 | 0 | Python,C | 191 | 86 | |
| Lucifer1993 | cmsprint: CMS和中间件指纹库 | https://github.com/Lucifer1993/cmsprint | None | 安全圈职业炮灰 | None | None | 25 | 0 | 315 | 444 | 25 | Python,Ruby | 897 | 403 |
| We5ter | 开源powershell CMD bash命令混淆检测工具 | https://github.com/We5ter/Flerken | https://lightrains.org | You are being watched. Anywhere. Anytime. | Chengdu,China | None | 11 | 0 | 1200 | 426 | 108 | Python,CSS | 0 | 0 |
| sebastienros | Jint - Javascript interpreter for .NET,在 Javascript 中运行 .NET 平台的代码 | https://github.com/sebastienros/jint | http://about.me/sebastienros | Bellevue, WA | Microsoft | 61 | 0 | 10 | 378 | 0 | C# | 2600 | 902 | |
| mjg59 | mjg59 为 Linux 内核提交了一个 Patch,支持用户态请求内核清空引用计数为 0 的内存页,防止重要密钥信息在进程崩溃、内存换页等场景下被泄漏。 | https://github.com/mjg59/linux/commit/cd2bb1eb23ededafc2f301f8bc5561523daa96e6 | https://github.com/google | Oakland | 73 | 0 | 2 | 356 | 0 | Python,C | 632 | 250 | ||
| 7kbstorm | 7kbscan-WebPathBrute Web路径暴力探测工具 | https://github.com/7kbstorm/7kbscan-WebPathBrute | https://www.7kb.org | Red Team | None | None | 27 | 0 | 2 | 261 | 0 | C++,XSLT | 220 | 67 |
| Viralmaniar | I-See-You: Bash and Javascript tool to find the exact location of user | https://github.com/Viralmaniar/I-See-You | https://twitter.com/maniarviral | Melbourne, Victoria, Australia | None | 36 | 0 | 221 | 219 | 93 | Python,Shell | 725 | 110 | |
| hlldz | APC-PPID - 通过 APC 注入创建进程并伪造父进程的项目 | https://github.com/hlldz/APC-PPID | https://artofpwn.com | Pwner, Red Teamer | İstanbul, Türkiye | None | 5 | 0 | 179 | 214 | 22 | Python,PowerShell,C++ | 691 | 159 |
| zer0yu | 网络空间安全的RSS订阅 | https://github.com/zer0yu/CyberSecurityRSS | http://zeroyu.xyz/ | Every light needs a shadow. You just have to learn how to control it,use it when you need it. | None | None | 29 | 0 | 2100 | 214 | 1100 | Python,C,CSS | 0 | 0 |
| pyn3rd | Apache Tomcat 远程代码执行漏洞(CVE-2019-0232),可以通过 Windows enableCmdLineArguments 触发 | https://github.com/pyn3rd/CVE-2019-0232/ | https://twitter.com/pyn3rd | Hangzhou | Alibaba Group | 7 | 0 | 0 | 210 | 0 | Python,Batchfile,Java | 118 | 46 | |
| ustayready | fireprox - AWS API Gateway 管理工具,用于动态创建 HTTP 传递代理以实现唯一的 IP 轮换 | https://github.com/ustayready/fireprox | None | divergent thinker/breaker and researcher of stuff | None | None | 39 | 0 | 7 | 194 | 7 | Python,C#,HTML | 702 | 147 |
| bkerler | OPPO和一加手机的.ozip固件解密工具 | https://github.com/bkerler/oppo_ozip_decrypt | https://twitter.com/viperbjk | Reverse Engineer and Data/Crypto Analyst | Germany | RevSkills | 313 | 0 | 2 | 193 | 13 | Python,C,Shell,CSS,C++ | 526 | 94 |
| al0ne | LinuxCheck: linux信息收集脚本 | https://github.com/al0ne/LinuxCheck | None | 入侵检测/流量分析/应急溯源 | china | None | 6 | 0 | 511 | 132 | 173 | Shell,Vim | 146 | 27 |
| djhohnstein | CSharpSetThreadContext - 由 C# 开发的通过 CreateRemoteThread 和 SetThreadContext 执行shellcode 以逃避 Get-InjectedThread 检测的工具 | https://github.com/djhohnstein/CSharpSetThreadContext | https://popeax.io | Operator at SpecterOps. Kali Contributor. | Seattle, WA | None | 48 | 0 | 5 | 130 | 2 | C# | 154 | 35 |
| ChaitanyaHaritash | 生成畸形debian安装包的工具 | https://github.com/ChaitanyaHaritash/kimi | None | Im just someone, to whom it might take you time to understand :) | lost | None | 63 | 0 | 356 | 116 | 105 | Python,C,C++ | 46 | 27 |
| eoftedal | Istio/Envoy 目录穿越漏洞详情披露(CVE-2019-9901) | https://github.com/eoftedal/writings/blob/master/published/CVE-2019-9901-path-traversal.md | http://erlend.oftedal.no/blog | Oslo, Norway | None | 73 | 0 | 384 | 103 | 67 | C#,JavaScript,Java | 172 | 11 | |
| iSafeBlue | 一张渗透测试思维导图 | https://github.com/iSafeBlue/Mind-Map/ | https://b1ue.cn | Security Researcher , Java Development Engineer | None | None | 9 | 0 | 281 | 92 | 40 | Java,HTML,JavaScript | 375 | 101 |
| Mattiwatti | EfiGuard - x64 UEFI bootkit,在启动时修补 Windows 启动管理器以禁用 PatchGuard 和驱动程序签名验证(DSE) | https://github.com/Mattiwatti/EfiGuard | None | The Netherlands | None | 19 | 0 | 13 | 87 | 3 | C,Assembly,C++ | 227 | 61 | |
| 0x36 | iOS上的沙箱逃逸漏洞(A11平台,版本<12.2) | https://github.com/0x36/powend | None | . | Morocco | None | 6 | 0 | 23 | 79 | 0 | C,Makefile | 138 | 36 |
| aleenzz | MYSQL SQL 注入 Bypass 技巧总结 | https://github.com/aleenzz/MYSQL_SQL_BYPASS_WIKI | None | 发现问题,解决问题 | None | 404 | 11 | 0 | 24 | 78 | 31 | Python | 288 | 74 |
| cfreal | Apache 本地提权漏洞 CVE-2019-0211 Exploit | https://github.com/cfreal/exploits/tree/master/CVE-2019-0211-apache | https://github.com/ambionics | None | @ambionics | 2 | 0 | 3 | 65 | 0 | PHP,HTML | 423 | 71 | |
| jthuraisamy | Synaptics 音频 Windows 内核驱动 CxUtilSvc 本地提权漏洞(CVE-2019-9730) | https://github.com/jthuraisamy/CVE-2019-9730/ | http://jackson.thuraisamy.me | None | None | 22 | 0 | 37 | 50 | 8 | C#,Python,C,JavaScript,Java | 40 | 9 | |
| lis912 | Evaluation_tools: 等级保护测评工具 | https://github.com/lis912/Evaluation_tools | None | 时不时拧巴的菜鸡一只。 | None | None | 9 | 0 | 16 | 45 | 0 | Go,Shell,HTML,CSS | 161 | 54 |
| chris408 | ct-exposer: discovers sub-domains by searching Certificate Transparency logs | https://github.com/chris408/ct-exposer | https://linkedin.com/in/chris408 | chris408.com | None | None | 9 | 0 | 6 | 44 | 6 | Python,C | 0 | 0 |
| unknownv2 | CoreHook - 基于 .NET Core 运行时实现的 Windows HOOK 库 | https://github.com/unknownv2/CoreHook | https://thierrybiz.page | Software Engineer interested in data engineering and cloud computing. | None | None | 32 | 0 | 888 | 36 | 30 | C#,Java,C++,Scala | 75 | 11 |
| leeberg | BlueHive - 基于 PowerShell 实现的活动目录密罐用户管理项目,并且带仪表盘以可视化展示结果 | https://github.com/leeberg/BlueHive | http://www.leealanberg.com | Product Manager, Automation Engineer, Content Producer, EX Microsoft MVP, Nerd | Madison, Wisconsin, United States | None | 35 | 0 | 85 | 26 | 64 | C# | 4 | 0 |
| locoz666 | 手把手教你写爬虫 | https://github.com/locoz666/spider-article | None | ShenZhen | Midu(www.midu.com) | 3 | 0 | 42 | 23 | 2 | JavaScript | 0 | 0 | |
| crypto-cypher | 《Privacy for Identities: The Art of Pseudonymity》发布,主要探讨信息安全,隐私权和大规模监控 | https://github.com/crypto-cypher/privacy-for-identities/blob/master/PrivacyForIdentities%20-%20Prerelease.pdf | https://twitter.com/CryptoCypher | Networking. OpSec. Privacy. Coding. Just another paranoid cypherpunk whos terrible at calculus. Dreaming big. | None | None | 7 | 0 | 7 | 20 | 7 | Shell | 32 | 5 |
| streaak | Keyhacks - 逐个请求各公司 API 服务接口,用于检查泄漏的 API Keys 是否是主流公司的有效 API Key | https://github.com/streaak/keyhacks | None | None | None | 31 | 0 | 13 | 20 | 1 | Python,Shell,Ruby | 98 | 20 | |
| batteryshark | 商用硬件Token设备软件实现中安全问题 | https://github.com/batteryshark/writeups/tree/master/20190417 | None | New York, NY | Stonefish Systems | 46 | 0 | 2 | 17 | 0 | Python,C | 24 | 2 | |
| DimopoulosElias | alpc-mmc-uac-bypass - 通过 ALPC 绕过 UAC 的项目 | https://github.com/DimopoulosElias/alpc-mmc-uac-bypass | https://www.linkedin.com/in/dimopouloselias | None | None | 5 | 0 | 11 | 15 | 2 | Python,C,C++ | 43 | 10 | |
| sumas | OSCP-Cheatsheet-God - OSCP 考试备忘清单 | https://github.com/sumas/OSCP-Cheatsheet-God | None | None | None | 18 | 0 | 1 | 14 | 1 | Python,JavaScript,Java,PHP | 124 | 31 | |
| hongphipham95 | 研究员 hongphipham95 公开 KMPlayer 和 VirualBox 的很多漏洞分析文章,昨天新增一篇 VirtualBox Intel PRO 1000 设备模拟整数溢出漏洞的分析 | https://github.com/hongphipham95/Vulnerabilities | None | Viet Nam | None | 6 | 0 | 79 | 12 | 9 | Python,Java,C++ | 13 | 3 | |
| PokemonGoTeam | CRYPTOPOKEMON: Simple C++ cryptolocker Blowfish CBC | https://github.com/PokemonGoTeam/CRYPTOPOKEMON | http://pokemongo.icu | Kiev, Ukraine | PokemonGo | 1 | 0 | 0 | 7 | 0 | C++ | 12 | 3 | |
| attakercyebr | DVR 摄像头漏洞攻击脚本(CVE-2018-2019) | https://github.com/attakercyebr/hack4lx_CVE-2018-2019 | https://t.me/hack4lx | The black hat hacker team leader just came out for destruction M4nifest0 Cyber security team™ | Romania | @os20ir | 18 | 0 | 21 | 4 | 17 | Python,Visual,Shell | 6 | 3 |
| chipik | SAP Gateway ACL 错误配置漏洞的 Exploit | https://github.com/chipik/SAP_GW_RCE_exploit | None | https://twitter.com/_chipik | None | None | 5 | 0 | 2 | 2 | 1 | Python | 4 | 2 |
| mykter | aws-security-cert-service-notes - AWS 服务安全认证学习笔记 | https://github.com/mykter/aws-security-cert-service-notes | http://mykter.com | UK | None | 20 | 0 | 29 | 2 | 0 | Python,C,TypeScript | 272 | 52 | |
| llt4l | 从思科 Ciscos CUCM (Call Manager,呼叫管理软件)的 TFTP 服务器中提取手机配置文件并搜索密钥信息 | https://github.com/llt4l/iCULeak.py | https://twitter.com/llt4l | Infosec person.. | None | None | 5 | 0 | 0 | 1 | 0 | Python,HTML,CSS | 5 | 2 |
| AngelCtulhu | Wordpress Support Candy 插件的文件上传漏洞 | https://github.com/AngelCtulhu/CVE-2019-11223/ | http://cert.kalasag.com.ph | Pasig | 8Layer Technologies Inc. | 2 | 0 | 0 | 0 | 0 | Python | 0 | 0 | |
| tea-deliverers | PlaidCTF 2019 比赛的 Writeup | https://github.com/tea-deliverers/ctf-writeups/blob/master/pctf2019/PlaidCTF2019_Writeup_Tea_Deliverers.pdf | None | None | None | None | 0 | 0 | 0 | 0 | 0 | 0 | 0 |
| title | url |
|---|---|
| Android Cloak and Dagger Attack | https://medium.com/@targetpractice/cloak-and-dagger-malware-techniques-demystified-c4d8a035b94e |
| Multiple Vulnerabilities + WAF bypass to Account Takeover | https://medium.com/@y.shahinzadeh/chaining-multiple-vulnerabilities-waf-bypass-to-account-takeover-in-almost-all-alibabas-websites-f8643eaa2855 |
| How to start learning Digital Forensics | https://medium.com/@a.alwashli/how-to-start-learning-digital-forensics-8038bcc9af6a |
| title | url |
|---|
| title | url |
|---|---|
| kaggle 首战拿金牌总结 | https://zhuanlan.zhihu.com/p/60953933 |
| .NET CLR注入方法探讨 | https://zhuanlan.zhihu.com/p/61464591 |
| 风控对抗中的常规特征及处置选择 | https://zhuanlan.zhihu.com/p/62525083 |
python update_daily.py