工程师视角的 Web3 初探

Cyber Security ALL-IN-ONE Platform

🛡️ Open-source and next-generation Web Application Firewall (WAF)

Godzilla插件|内存马|Suo5内存代理｜jmg for Godzilla

darkPulse是一个用go编写的shellcode Packer，用于生成各种各样的shellcode loader，免杀火绒，360核晶等国内常见杀软。

收集整理漏洞EXP/POC,大部分漏洞来源网络，目前收集整理了1400多个poc/exp，长期更新。

Grok open release

Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).

The Network Execution Tool

集权设施扫描器

一款支持自定义的 Java 内存马生成工具｜A customizable Java in-memory webshell generation tool.

New generation of wmiexec.py

Kuboard 是基于 Kubernetes 的微服务管理界面。同时提供 Kubernetes 免费中文教程，入门教程，最新版本的 Kubernetes v1.23.4 安装手册，(k8s install) 在线答疑，持续更新。

面向红队的, 高度可控可拓展的自动化引擎

本项目集成了全网优秀的攻防武器工具项目，包含自动化利用，子域名、目录扫描、端口扫描等信息收集工具，各大中间件、cms、OA漏洞利用工具，爆破工具、内网横向、免杀、社工钓鱼以及应急响应、甲方安全资料等其他安全攻防资料。

AV/EDR evasion via direct system calls.

This repository started out as a learning in public project for myself and has now become a structured learning map for many in the community. We have 3 years under our belt covering all things Dev…

CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.

Rust Weaponization for Red Team Engagements.

This project is 'bridge' between the sleep and python language. It allows the control of a Cobalt Strike teamserver through python without the need for for the standard GUI client. NOTE: This proje…

Modify version of impacket wmiexec.py, get output(data,response) from registry, don't need SMB connection, also bypassing antivirus-software in lateral movement like WMIHACKER.

C++ WinRM API via Reflective DLL

内网渗透测试工具，弱密码爆破、信息收集和漏洞扫描

Redis 4.x/5.x RCE

Fastjson姿势技巧集合

A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts and relaying to the certificate service.

Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loading of a library from memory into a host process.

🐜🐜🐜 ants is the most powerful and reliable pooling solution for Go.