- All languages
- ASP.NET
- Assembly
- Batchfile
- BlitzBasic
- C
- C#
- C++
- CSS
- Classic ASP
- CodeQL
- Dockerfile
- Go
- HTML
- Hack
- Haskell
- Java
- JavaScript
- Lua
- Makefile
- Mustache
- NSIS
- Nim
- Objective-C
- PHP
- Pascal
- Perl
- PowerShell
- Python
- REXX
- Roff
- Ruby
- Rust
- Shell
- Smali
- Smarty
- Swift
- TypeScript
- VBScript
- Visual Basic
- Vue
- XSLT
- YARA
- Zig
Starred repositories
Exploit for CVE-2022-21999 - Windows Print Spooler Elevation of Privilege Vulnerability (LPE)
4个 .soap 版本的WebShell(持续更新维护),优点:可以运行于子目录,突破了过去只能运行于根目录的限制。4个脚本分别支持调用cmd.exe/哥斯拉/冰蝎/天蝎 客户端。
攻防演练过程中,我们通常会用浏览器访问一些资产,但很多未授权/敏感信息/越权隐匿在已访问接口过html、JS文件等,该插件能让我们发现未授权/敏感信息/越权/登陆接口等。
Burpsuite - Route Vulnerable Scanning 递归式被动检测脆弱路径的burp插件
elevate -- start elevated processes from the command line
Generic PE loader for fast prototyping evasion techniques
Yet another C++ Cobalt Strike beacon dropper with Compile-Time API hashing and custom indirect syscalls execution
基于 jdwp-shellifier 的进阶JDWP漏洞利用脚本(动态执行Java/Js代码并获得回显)
加载 BOF & ShellCode 无需可执行权限内存。Loading BOF & ShellCode without executable permission memory.
Collection of UAC Bypass Techniques Weaponized as BOFs
susMdT / AceLdr
Forked from kyleavery/AceLdrCobalt Strike UDRL for memory scanner evasion.
lgandx / Responder
Forked from SpiderLabs/ResponderResponder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authenticat…
PingCastle - Get Active Directory Security at 80% in 20% of the time
Get the unique machine id of any host (without admin privileges)
无Windows API的新型恶意程序:自缺陷程序利用堆栈溢出的隐匿稳定攻击技术研究,A new type of malicious program without Windows API
The best HTTP Static File Server, write with golang+vue
UltraVNC Server, UltraVNC Viewer and UltraVNC SC | Official repository: https://github.com/ultravnc/UltraVNC
An open-source remote desktop application designed for self-hosting, as an alternative to TeamViewer.