
Starred repositories
Windows system utilities to maximize productivity
A hex editor for WeChat/QQ/TIM - anti-recall patch for the PC versions of WeChat/QQ/TIM (I have already seen it, so recalling it is no use)
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
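Cross-Platform, modern and powerful stream downloader for MPD/M3U8/ISM. English/Simplified Chinese/Traditional Chinese.
WeChat client forensics: retrieves the user's personal information (nickname/account/phone/email/database key (used to decrypt chat history)); supports retrieving information for multiple users; offsets for new versions are updated from time to time; currently supports all new versions and official release versions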
Deserialization payload generator for a variety of .NET formatters
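Super Weak Password Checker is a weak-password auditing tool for the Windows platform. It supports batch multi-threaded checking, can quickly find weak passwords and accounts with weak passwords, supports checking passwords in combination with usernames, which greatly improves the success rate, and supports custom service ports and dictionaries.
A tool to view and extract the contents of a Windows Installer (.msi) file.
PowerForensics provides an all-in-one platform for live disk forensic analysis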
Porting of mimikatz sekurlsa::logonpasswords, sekurlsa::ekeys and lsadump::dcsync commands
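SharpSQLTools: a small tool written together with @Rcoil; it can upload and download files, execute commands with echoed output via xp_cmdshell and sp_oacreate, and load assemblies via CLR to perform the corresponding operations.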
PoCs and tools for investigation of Windows process execution techniques
Sandman is an NTP-based backdoor for red team engagements in hardened networks.
Find vulnerabilities in AD Group Policy, but do it better than Grouper2 did.
Dynamically invoke arbitrary unmanaged code from managed code without PInvoke.
A PowerShell front-end for the Windows debugger engine.
Command line tracing tool for Windows, based on ETW.
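This is a CobaltStrike script and decryption utility that assists with one-click capture of 360 Secure Browser passwords, intended to reduce red-team workload; it decrypts browser passwords offline by downloading the browser database and recording the key.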
Proof-of-Concept tool to authenticate to an LDAP/S server with a certificate through Schannel
Persistence by writing/reading shellcode from Event Log
ETWProcessMon2 is for Monitoring Process/Thread/Memory/Imageloads/TCPIP via ETW + Detection for Remote-Thread-Injection & Payload Detection by VirtualMemAlloc Events (in-memory) etc.
.NET Project containing plenty of advanced techniques to detect various types of malicious actions on your software, with syscall support.