若依最新定时任务SQL注入可导致RCE漏洞的一键利用工具

自动化反编译微信小程序，小程序安全评估工具，发现小程序安全问题，自动解密，解包，可还原工程目录，支持Hook，小程序修改

微信小程序辅助渗透-自动化

Sleep obfuscation

攻防演练过程中，我们通常会用浏览器访问一些资产，但很多未授权/敏感信息/越权隐匿在已访问接口过html、JS文件等，该插件能让我们发现未授权/敏感信息/越权/登陆接口等。

Web 版 Java Payload 生成与漏洞利用工具，提供 Java 反序列化、Hessian 1/2 反序列化等 Payload 生成，以及 JNDI Exploit、Fake Mysql Exploit、JRMPListener 等相关利用

A plugin to edit and view Excalidraw drawings in Obsidian

Resolve the issue of DLLmain function in white and black DLLs hanging when calling shellcode

微信小程序反编译工具，.wxapkg 文件扫描 解密 解包工具

Ready to go Phishing Platform

Important notes and topics on my journey towards mastering Windows Internals

The most powerful and modular diffusion model GUI, api and backend with a graph/nodes interface.

This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone is created, it utilizes MINIDUMP_CALLBACK_INFORMATION callb…

Indirect Dynamic Syscall, SSN Syscall address sorting via Modified TartarusGate approach Remote Process Injection via APC Early Bird Spawns a sacrificial Process as target process (ACG Bloc…

使用 rust 实现 CobaltStrike 的 beacon || Using Rust to implement CobaltStrike's Beacon

An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution

This project aims to enhance the working environment on Windows

Tool for Active Directory Certificate Services enumeration and abuse

A new technique that can be used to bypass memory scanners. This can be useful in hiding problematic code (such as reflective loaders implemented by C2 beacons) or other problematic executables tha…

Work, timer, and wait callback example using solely Native Windows APIs.

A rule-based tunnel for Android.

Continuation of Clash Verge - A Clash Meta GUI based on Tauri (Windows, MacOS, Linux)

A GUI client for Windows, support Xray core and v2fly core and others

JVM Dynamic Attach utility

AK资源管理工具，阿里云/腾讯云/华为云/AWS/UCLOUD/京东云/百度云/七牛云存储 AccessKey AccessKeySecret，利用AK获取资源信息和操作资源，ECS/CVM/E2/UHOST/ECI/BCC执行命令，OSS/COS/S3/BOS管理，RDS/DB管理，域名管理，添加RAM/CAM/IAM账号等

Transfer files to and from a Windows host via ICMP in restricted network environments.

“连续八年成为全世界最受喜爱的语言，无 GC 也无需手动内存管理、极高的性能和安全性、过程/OO/函数式编程、优秀的包管理、JS 未来基石" — 工作之余的第二语言来试试 Rust 吧。本书拥有全面且深入的讲解、生动贴切的示例、德芙般丝滑的内容，这可能是目前最用心的 Rust 中文学习教程 / Book

PoC module to demonstrate automated lateral movement with the Havoc C2 framework.

Burp Suite Certified Practitioner Exam Study