A simple, battle-tested and generic set type for the Go language. Trusted by Docker, 1Password, Ethereum and Hashicorp.

A Model Context Protocol server for IDA

This project runs a Model Context Protocol (MCP) server that wraps the CodeQL query server. It enables tools like [Cursor](https://cursor.sh/) or AI agents to interact with CodeQL through structure…

MCP Server for Ghidra

This is a PoC code to exploit the IngressNightmare vulnerabilities (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, and CVE-2025-1974).

A continuously updated collection of CodeLLM papers maintained by PurCL group @ Purdue

A list of AI autonomous agents

Talk to any LLM with hands-free voice interaction, voice interruption, and Live2D taking face running locally across platforms

CVE-2025-30208-EXP

MCP Server for IDA Pro

Simple, reliable, and efficient distributed task queue in Go

Let your Claude able to think

一个 CLASS 文件混淆工具，支持方法名/字段名/参数名引用分析和重命名混淆方式，支持字符串提取/AES加密运行时解密/整型异或混淆/垃圾代码花指令混淆/等方式，支持方法和字段的隐藏，支持INVOKE指令改反射调用，配置简单，容易上手

Display and control your Android device

Appshark is a static taint analysis platform to scan vulnerabilities in an Android app.

🔬 Online Heap Dump, GC Log, Thread Dump & JFR File Analyzer.

闭源系统半自动漏洞挖掘工具，针对 jar/war/zip 进行静态代码分析，输出从source到sink的可达路径。LLM将验证路径可达性，并根据上下文给出该路径可信分数

DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely

A patched QEMU that exposes an interface for LibAFL-based fuzzers

A patched QEMU that exposes an interface for LibAFL-based fuzzers

Python DBAPI driver for MSSQL using pure Python TDS (Tabular Data Stream) protocol implementation

一款帮助云租户发现和测试云上风险、增强云上防护能力的综合性开源工具

Collection of publicly available IPTV channels from all over the world

AWS云平台 AccessKey 泄漏利用工具

Prompt越狱手册

xAST评价体系，让安全工具不再“黑盒”. The xAST evaluation benchmark makes security tools no longer a "black box".

A tool specifically designed for Kubernetes environments aims to efficiently and automatically discover hidden vulnerable APIs within clusters.

入侵痕迹清理/Cleaning up traces of intrusion

Zero shot vulnerability discovery using LLMs

This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone is created, it utilizes MINIDUMP_CALLBACK_INFORMATION callb…