AI-native automated software risk analysis skill. LLM-driven, Code-First approach for comprehensive security risk assessment, threat modeling, security testing, penetration testing, and compliance checking.
☆190Feb 10, 2026Updated 3 weeks ago
Alternatives and similar repositories for threat-modeling
Users that are interested in threat-modeling are comparing it to the libraries listed below
Sorting:
- 在Java安全学习过程中的笔记和代码☆81Mar 3, 2026Updated last week
- 在spring-aop中新发现的反序列化gadget-chain☆52Jan 12, 2025Updated last year
- GitHubApi CVE Poc监控工具☆14Jan 23, 2026Updated last month
- Basic Psexec clone, but in golang.☆16Jul 2, 2022Updated 3 years ago
- JeecgBoot Go版本综合漏洞检测工具☆81Feb 24, 2026Updated 2 weeks ago
- 适用于某EHR&HRM的加解密工具,可直接用于sqlmap☆25Jan 14, 2024Updated 2 years ago
- Kill Everything AV/EDR☆27Nov 18, 2024Updated last year
- ☆49Dec 30, 2025Updated 2 months ago
- MS17-010 Exploits With Original NSA Tool(only for windows)☆31Jul 30, 2024Updated last year
- 支持Tomcat内存马查杀的JSP脚本☆65Jun 16, 2025Updated 8 months ago
- YongYou U8C deserialization file upload exploit tool targeting IPFxxFileService and IFileTrans services☆28Sep 28, 2025Updated 5 months ago
- ☆50Nov 4, 2022Updated 3 years ago
- 方便自己搭建codeql环境和数据库的工具。☆64Aug 16, 2025Updated 6 months ago
- 在学习过程中的一些记录☆23Oct 5, 2025Updated 5 months ago
- 一款linux 内网渗透辅助工具☆77Jan 31, 2024Updated 2 years ago
- burp插件 ShiroScan 主要用于框架、无dnslog key检测,在大佬的基础上加入shiro>1.2.42(AES GCM)☆17May 6, 2021Updated 4 years ago
- 如果反序列化过程中使用resolveClass拉黑了TemplatesImpl如何绕过☆53Sep 10, 2023Updated 2 years ago
- 一键Windows应急响应检测脚本☆112Sep 5, 2024Updated last year
- 专为渗透小白定制的SQL注入靶场,上手简单(巨难),练习sql注入的不二之选☆60Jun 12, 2025Updated 8 months ago
- 一个基于Codeql规则的go靶场☆41Feb 19, 2025Updated last year
- 免杀生成aspx的脚本☆26Sep 22, 2024Updated last year
- JeecgCracker 是��一个专门针对 JeecgBoot 框架的密码爆破工具。☆29Oct 29, 2024Updated last year
- 安全手册,企业安全实践、攻防与安全研究知识库☆41Nov 28, 2024Updated last year
- 哥斯拉webshell管理工具的插件,用于连接websocket型webshell☆176Apr 17, 2024Updated last year
- Active Directory share enumeration tool☆12Apr 28, 2025Updated 10 months ago
- Fenrir 是一个基于 MCP 协议与 AST 技术的代码审计工具,旨在解决安全研究与自动化代码审计领域中,面对大规模、结构复杂甚至反编译代码时,传统代码搜索与分析手段效率低、准确性差的问题。☆176Oct 21, 2025Updated 4 months ago
- portreuse reuseport 端口复用☆61Aug 27, 2023Updated 2 years ago
- ☆22Feb 21, 2025Updated last year
- 如何将Java反序列化Payload极致缩小☆69Jan 18, 2022Updated 4 years ago
- DockerApiRCE☆235Oct 22, 2024Updated last year
- CLI tool for tracking dependents repositories and sorting result by Stars ⭐☆43Jan 25, 2024Updated 2 years ago
- 内网综合扫描工具☆44Apr 16, 2024Updated last year
- 内网横向利用工具,用于ssh wmiexec等常规服务,也可以当作一个数据库执行命令工具☆68May 15, 2023Updated 2 years ago
- 一个集合了多种语言的实战化Web靶场 | A practical Web shooting range that integrates multiple languages☆82Feb 10, 2026Updated last month
- Java bytecode line number restoration tool☆134Aug 31, 2025Updated 6 months ago
- 一个普通的BOF用来BypassUAC☆22Apr 6, 2024Updated last year
- 🔍 CodeAuditAssistant - IDEA代码审计插件(公测中) ⚡ 精准追踪复杂调用链 | 🚀 毫秒级方法搜索 | 🔥 内置高危漏洞检测 原生集成 | 反编译/路径分析 | 内存优化 | 安全审计利器 🔍 Co…☆774Aug 3, 2025Updated 7 months ago
- burpsuite passive-scan-client 插件持续维护分支 v2024☆89Aug 16, 2025Updated 6 months ago
- Attack Active Directory Trusts with a single tool☆14Jan 15, 2025Updated last year