Starred repositories
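FastJson Docker vulnerability environments for all versions (covering 1.2.47/1.2.68/1.2.80 and others), mainly including JNDI injection and high-version bypasses, WAF bypass, file read/write, native deserialization, gadget chain detection and bypass, and exploitation without outbound network access. Covers in-depth FastJson exploitation from a black-box perspective.
This project was created to help penetration-testing beginners quickly set up a working environment; to do a good job, one must first sharpen one's tools.
Username and password dictionary generation tool (converts Chinese names into 14 pinyin formats, processes IP addresses, generates network device passwords)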
Source generator to add D/Invoke and indirect syscall methods to a C# project.
An online AV evasion platform written in Spring Boot (Golang, Nim, C) that supports inline, local and remote shellcode loading methods.
Porting of mimikatz sekurlsa::logonpasswords, sekurlsa::ekeys and lsadump::dcsync commands
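A C#-based chat history backup tool for the WeChat PC client, providing a graphical interface; decrypts the WeChat database and exports chat history.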
🎯 XML External Entity (XXE) Injection Payload List
Burp extension to evade TLS fingerprinting. Bypass WAF, spoof any browser.
Reflective x64 PE/DLL Loader implemented using Dynamic Indirect Syscalls
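Obfuscate any constant with encryption at compile time on any platform
CobaltStrike Beacon written in .Net 4. The stager and Beacon are rewritten in .NET, including normal check-in, file management, process management, token management, injection combined with SysCall, native port forwarding, disabling ETW, and a series of other features.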
Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loading of a library from memory into a host process.
PoCs written by the 猫蛋儿 security team: if it reports a hit, it is exploitable. WeCom (企业微信), Hikvision, Metabase, Openfire, Weaver OA (泛微OA)......
A list of Python tools to help create an OPSEC-safe Cobalt Strike profile.