Course materials for Modern Binary Exploitation by RPISEC

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Neural Code Intelligence Survey 2024; Reading lists and resources

Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.

Memshell-攻防内存马研究

Code for paper "SrcMarker: Dual-Channel Source Code Watermarking via Scalable Code Transformations" (IEEE S&P 2024)

Effective ReDoS Detection by Principled Vulnerability Modeling and Exploit Generation

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

An awesome & curated list of binary code similarity papers

静态分析及代码审计自动化相关资料收集

Most advanced XSS scanner.

A curated list of Grammar based fuzzing research papers, codes, tutorials

WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.

Evading Snort Intrusion Detection System.

Check your WAF before an attacker does

一个Vulhub漏洞复现知识库

🔥 Web-application firewalls (WAFs) from security standpoint.

数据库测试资料 This repo is a collection of resources on testing database systems

Automated testing to find logic and performance bugs in database systems

🔐CNCF Security Technical Advisory Group -- secure access, policy control, privacy, auditing, explainability and more!

Proof-of-concept codes created as part of security research done by Google Security Team.

《深入理解CodeQL》Finding vulnerabilities with CodeQL.

Academic papers related to fuzzing, binary analysis, and exploit dev, which I want to read or have already read

A GPT-Based Fuzz Driver Generator

This repo includes ChatGPT prompt curation to use ChatGPT better.

⚡A CLI tool for code structural search, lint and rewriting. Written in Rust