Custom Selenium Chromedriver | Zero-Config | Passes ALL bot mitigation systems (like Distil / Imperva/ Datadadome / CloudFlare IUAM)

蓝队应急工具

基于个人习惯使用C/C++的shellcode开发项目模板

一款基于PE Patch技术的后渗透免杀工具，支持32位和64位

Proof of concept code for thread pool based process injection in Windows.

caozha-order是一个通用的广告（推广投放）竞价页订单管理系统，基于开源的caozha-admin开发，支持订单管理、订单回收站、产品管理、批量上传订单、批量导出订单（支持导出格式：.xls，.xlsx，.csv）、检测订单重复、竞价页的下单表单调用、客户下单时给管理员发邮件（短信）提醒等功能，内置灵活的查看订单权限设置机制。

TscanPlus_Win_Amd64_v2.2超雄版

一款综合性网络安全检测和运维工具，旨在快速资产发现、识别、检测，构建基础资产信息库，协助甲方安全团队或者安全运维人员有效侦察和检索资产，发现存在的薄弱点和攻击面。

A set of fully-undetectable process injection techniques abusing Windows Thread Pools

Threadless shellcode injection tool

戎码之眼是一个window上的基于att&ck模型的威胁监控工具.有效检测常见的未知威胁与已知威胁.防守方的利剑

Multilayered AV/EDR Evasion Framework

BCS（北京网络安全大会）2019 红队行动会议重点内容

A utility for working with Windows shortcut (.lnk) files

bring your own vulnerable driver

Some POCs for my BYOVD research and find some vulnerable drivers

A socksv5 proxy tool Written by CLang. 一款纯C实现的基于socks5协议的轻量内网穿透工具，支持ew的全部数据转发方式，支持跨平台使用

Amaterasu terminates, or inhibits, protected processes such as application control and AV/EDR solutions by leveraging the Sysinternals Process Explorer driver to kill a process's handles from kerne…

This is a private project

A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.

Capture BAT is a behavioral analysis tool of applications for the Win32 operating system family.

php vld 扩展 显示sg11解密后opcode补丁

php vld 扩展 显示sg11解密后opcode补丁

Labeless is a multipurpose IDA Pro plugin system for labels/comments synchronization with a debugger backend, with complex memory dumping and interactive Python scripting capabilities.

IAT Emulator for Themida/WL/VMP by Thase & T1t4n4pwn

Dynamic unpacker and import fixer for Themida/WinLicense 2.x and 3.x.

beta