kevinzhou9891 Goto Github PK

apolloscanner

自动化巡航扫描框架（可用于红队打点评估）

book1

《数据安全架构设计与实战》：本书系统性地介绍数据安全架构的设计与实践，融入了作者多年在安全领域积累的实践经验。全书分四大部分，共20章。 第一部分介绍安全架构的基础知识，内容包括安全、数据安全、安全架构、5A方法论、CIA等基本概念,为后续论述奠定基础。 第二部分介绍产品安全架构，内容包括：身份认证、授权、访问控制、审计、资产保护等，讲解如何从源头设计来保障数据安全和隐私安全，防患于未然。 第三部分介绍安全技术体系架构，内容包括：安全技术架构、网络和通信层安全架构、设备和主机层安全架构、应用和数据层安全架构、安全架构案例分析等。 第四部分介绍数据安全与隐私保护治理，内容包括：数据安全治理、数据安全政策文件体系、隐私保护基础与增强技术、GRC治理框架、数据安全与隐私保护的统一等。

bugrepoter_0x727

BugRepoter_0x727(自动化编写报告平台)根据安全团队定制化协同管理项目安全，可快速查找历史漏洞，批量导出报告。

building-a-multibranch-pipeline-project

For an advanced tutorial on how to use Jenkins to build a multibranch Pipeline project with selectively executed stages.

chat

Instant messaging platform. Backend in Go. Clients: Swift iOS, Java Android, JS webapp, scriptable command line; chatbots

codeanalysis

Static Code Analysis

creating-a-pipeline-in-blue-ocean

For an introductory tutorial on how to use the Blue Ocean feature of Jenkins to create a Pipeline that builds an application.

dependencycheck

OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.

explore-python

:green_book: The Beauty of Python Programming.

fscan

一款内网综合扫描工具，方便一键自动化、全方位漏扫扫描。

insight2_docker

janusec

Janusec Application Gateway, Provides Fast and Secure Application Delivery (Authentication, WAF/CC, HTTPS and ACME automatic certificates). JANUSEC应用网关，提供快速、安全的应用交付（身份认证, WAF/CC, HTTPS以及ACME自动证书）。

kindle_download_helper

Download all your kindle books script.

log4j2scan

Log4j2 RCE Passive Scanner plugin for BurpSuite

oscprepo

A list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' CherryTree. Reconscan Py2 and Py3. Custom ISO building.

osv-scanner

Vulnerability scanner written in Go which uses the data provided by https://osv.dev

pentesterspecialdict

渗透测试人员专用精简化字典 Dictionary for penetration testers happy hacker

pocsuite3

pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.

python-guide

Python best practices guidebook, written for humans.

python3-cookbook

《Python Cookbook》 3rd Edition Translation

report

乙方渗透测试漏洞报告管理系统

scaninfo

fast scan for redtools

secguide

面向开发人员梳理的代码安全指南

seclists

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

simple-java-maven-app

For an introductory tutorial on how to use Jenkins to build a simple Java application with Maven.

trivy

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

wazuh

Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

xray-crack

Xray 1.9.3