🎯 Command Injection Payload List

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

Attack surface mapping

🦄 A curated list of the awesome resources about the Vulnerability Research

undetected Selenium without usage of chromedriver

afl-unicorn lets you fuzz any piece of binary that can be emulated by Unicorn Engine.

A collection of my Semgrep rules to facilitate vulnerability research.

Subaru StarLink persistent root code execution.

Python Command-Line Ghidra Binary Diffing Engine

Apache Shiro 反序列化漏洞检测与利用工具

LLEF is a plugin for LLDB to make it more useful for RE and VR

Canadian Furious Beaver is a ProcMon-style tool designed only for capturing IRPs sent to any Windows driver.

Quarkslab conference talks

A collection of my Ghidra scripts to facilitate reverse engineering and vulnerability research.

PolarDNS is a specialized authoritative DNS server suitable for penetration testing and vulnerability research.

A comprehensive collection of cheatsheets for reverse engineering, binary analysis, and assembly programming tools. This repository serves as a one-stop reference for security researchers, reverse engineers, and low-level programmers.

Quarkslab Bindiffer but not only !

Static Binary Instrumentation tool for Windows x64 executables

An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.

Automatically detect potential vulnerabilities and analyze repository metrics to prioritize open source security research targets