Proof of Concept (PoC) .NET tool for remotely killing EDR with WDAC

A Microservices-based framework for the study of Network Security and Penetration Test techniques

JavaWeb 内存马开聚会 🎉

Open-source vulnerability scanner

应急响应实战笔记，一个安全工程师的自我修养。

A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.

A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data into Splunk

The Havoc Framework

一款后渗透免杀工具，助力每一位像我这样的脚本小子快速实现免杀，支持bypass AV/EDR 360 火绒 Windows Defender Shellcode Loader

Linux 应急响应手册

Windows 应急响应手册

Elastic Security detection content for Endpoint

A list for Web Security and Code Audit

蓝队应急工具

Windows安全基线核查加固助手

一款支持自定义的 Java 内存马生成工具｜A customizable Java in-memory webshell generation tool.

Java内存马注入工具

多功能 java agent 内存马

A tool which bypasses AMSI (AntiMalware Scan Interface) and PowerShell CLM (Constrained Language Mode) and gives you a FullLanguage PowerShell reverse shell.

Metarget is a framework providing automatic constructions of vulnerable infrastructures.

notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)

A curated list of awesome resources related to executable packing

Pakkero is a binary packer written in Go made for fun and educational purpose. Its main goal is to take in input a program file (elf binary, script, even appimage) and compress it, protect it from …

Cobalt Strike HTTPS beaconing over Microsoft Graph API

Python Ransomware Tutorial - YouTube tutorial explaining code + showcasing the ransomware with victim/target roles

A ransomware generator written in C# WPF, using the RC4 encryption algorithm, will generate C++11 code and C# code

ebpf WebShell/内核马，一种新型内核马/WebShell技术

A Simple Ransomware Vaccine