一款综合性网络安全检测和运维工具，旨在快速资产发现、识别、检测，构建基础资产信息库，协助甲方安全团队或者安全运维人员有效侦察和检索资产，发现存在的薄弱点和攻击面。

一款完善的安全评估工具，支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档

A Security Tool for Bug Bounty, Pentest and Red Teaming.

Fair-code workflow automation platform with native AI capabilities. Combine visual building with custom code, self-host or cloud, 400+ integrations.

🗃 Open source self-hosted web archiving. Takes URLs/browser history/bookmarks/Pocket/Pinboard/etc., saves HTML, JS, PDFs, media, and more...

Webshell && Backdoor Collection

Sample Rootkit for Linux

Community curated list of templates for the nuclei engine to find security vulnerabilities.

Server-Side Template Injection and Code Injection Detection and Exploitation Tool

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Linux kernel source tree

This is the list of all rootkits found so far on github and other sites.

Cyber Security ALL-IN-ONE Platform

远控免杀系列文章及配套工具，汇总测试了互联网上的几十种免杀工具、113种白名单免杀方式、8种代码编译免杀、若干免杀实战技术，并对免杀效果进行了一一测试，为远控的免杀和杀软对抗免杀提供参考。

404StarLink - 推荐优质、有意义、有趣、坚持维护的安全开源项目

Next generation web scanner

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

一个攻防知识仓库 Red Teaming and Offensive Security