RuoJi6
Follow
Lists (20)
Stars
Get 10X more out of Claude Code, Codex or any coding agent
一个高价值漏洞采集与推送服务 | Collect valueable vulnerabilities and push them to various services
YASA is an open-source static program analysis project. Its core innovation lies in a unified intermediate representation called UAST, designed to support multiple programming languages. Built on …
YASA-UAST is an intermediate representation structure for multi-language program analysis. The UAST-Parser parses code from different programming languages into a unified abstract syntax format.
This repository is designed to automate the detection and cleanup of in-memory web shells using MCP in combination with the memory-shell-detector tool. / 本仓库旨在结合 MCP 与 memory-shell-detector 工具,实现对内…
FlowEye(流量之眼) 是一款专为安全测试人员打造的 Web 化被动漏洞扫描平台。通过与 Burp Suite 无缝集成,FlowEye 能够实时接收并分析 HTTP 流量,自动进行多维度漏洞检测,帮助安全研究人员高效发现 Web 应用安全风险。
Code-First Deep Risk Analysis Skill for Claude Code - 8-Phase Workflow with Security design review, STRIDE Threat modeling, PenTest and attack chain analysis, Software compliance assessment
📚 《从零开始构建智能体》——从零开始的智能体原理与实践教程
A cross-platform desktop All-in-One assistant tool for Claude Code, Codex & Gemini CLI.
MatouWebshell 是一套基于 Vue 3 + Python 的 Webshell 利用平台。内置 Webshell 生成与连接能力,支持 Linux 目标下的 PHP、JSP、JSPX,并可自定义加密方式与请求/响应封装(form/json/xml/png 等),便于按业务流量形态进行伪装与兼容。提供命令终端、文件管理(大文件分块上传下载、编辑、压缩解压、权限/时间属性修改)、数据…
Packer Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack.
An extremely fast Python package and project manager, written in Rust.
All in one vscode plugin for mcp developer
CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security
Web Fuzzing Box - Web 模糊测试字典与一些Payloads
🚀 AI-Powered Red Team & Pentest Toolkit | 赋能红队与渗透测试的 AI 工具集
Adnify—— 轻量级、高定制化 AI Agent 编辑器,碾压主流 AI 编程工具的极致体验!轻量化架构秒启不卡顿,支持 AI Agent 全流程定制(逻辑编排 / 工具审批 / 智能交互),深度集成 XTerminal(WebGL 加速 + 自定义快捷键),搭配 Markdown 多模式编辑、主题自定义、Git 一体化管理,告别臃肿模板,让 AI 开发完全贴合你的习惯。
阿波罗钓鱼演练平台(ApolloFish)的网页钓鱼模板、邮箱钓鱼模板共享仓库。
在数字化浪潮下,钓鱼攻击已成为企业网络安全的主要威胁之一。仿冒网页、恶意邮件等钓鱼手段层出不穷,一旦员工不慎中招,可能导致企业核心数据泄露、系统瘫痪、财产损失等严重后果。在此背景下,阿波罗钓鱼演练平台(ApolloFish)应运而生,平台以“实战演练赋能安全意识提升”为核心目标,通过模拟真实的网页钓鱼、邮箱钓鱼场景,帮助企业精准检验员工安全防护能力,系统性强化全员安全意识,筑牢企业网络安全第…
哥斯拉Godzilla定制化插件,接收恶意类Base64编码与恶意类类名进行实例化,达到注入任意类型内存马的目的。
Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities.
DeepAudit:人人拥有的 AI 黑客战队,让漏洞挖掘触手可及。国内首个开源的代码漏洞挖掘多智能体系统。小白一键部署运行,自主协作审计 + 自动化沙箱 PoC 验证。支持 Ollama 私有部署 ,一键生成报告。支持中转站。让安全不再昂贵,让审计不再复杂。
🚀 2024-至今 1Day 漏洞 PoC 深度研究与复现归档。涵盖 OA、ERP、安防、数通、大模型及容器等 高价值资产漏洞,实战导向,助力安全研究与合规检测。
This open-source curriculum introduces the fundamentals of Model Context Protocol (MCP) through real-world, cross-language examples in .NET, Java, TypeScript, JavaScript, Rust and Python. Designed …