Starred repositories
DeepAudit:人人拥有的 AI 黑客战队,让漏洞挖掘触手可及。国内首个开源的代码漏洞挖掘多智能体系统。小白一键部署运行,自主协作审计 + 自动化沙箱 PoC 验证。支持 Ollama 私有部署 ,一键生成报告。支持中转站。让安全不再昂贵,让审计不再复杂。
An AI-powered security review GitHub Action using Claude to analyze code changes for security vulnerabilities.
DeepTeam is a framework to red team LLMs and LLM systems.
Evidently is an open-source ML and LLM observability framework. Evaluate, test, and monitor any AI-powered system or data pipeline. From tabular data to Gen AI. 100+ metrics.
PromtFuzz is an automated tool that generates high-quality fuzz drivers for libraries via a fuzz loop constructed on mutating LLMs' prompts.
Make your GenAI Apps Safe & Secure 🚀 Test & harden your system prompt
A curated list of safety-related papers, articles, and resources focused on Large Language Models (LLMs). This repository aims to provide researchers, practitioners, and enthusiasts with insights i…
🚀 A very efficient Texas Holdem GTO solver
Extract and decrypt browser data, supporting multiple data types, runnable on various operating systems (macOS, Windows, Linux).
Fastjson vulnerability quickly exploits the framework(fastjson漏洞快速利用框架)
一个针对防御 log4j2 CVE-2021-44228 漏洞的 RASP 工具。 A Runtime Application Self-Protection module specifically designed for log4j2 RCE (CVE-2021-44228) defense.
KunLun-M是一个完全开源的静态白盒扫描工具,支持PHP、JavaScript的语义扫描,基础安全、组件安全扫描,Chrome Ext\Solidity的基础扫描。
JNDI注入测试工具(A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc)
Headless chrome/chromium automation library (unofficial port of puppeteer)
CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security
An powerful enhanced toolkit of MyBatis for simplify development
A helpful Java Deserialization exploit framework.
Focus on what matters instead of fighting with Git.