An OOB interaction gathering server and client library

The recursive internet scanner for hackers. 🧡

check hikvision/ys7 api

《APT Individual Combat Guide》

📦 Make security testing of K8s, Docker, and Containerd easier.

网络摄像头漏洞扫描工具 | Webcam vulnerability scanning tool

Hikvision综合漏洞利用工具

PDF dropper Red Team Scenairos

Customizable Linux Persistence Tool for Security Research and Detection Engineering.

Windows and Cygwin port of proxychains, based on MinHook and DLL Injection

captcha-killer的修改版，支持关键词识别base64编码的图片，添加免费ocr库，用于验证码爆破，适配新版Burpsuite

oracle 数据库命令执行

Red Tools 渗透测试

Killer is a simple tool designed to bypass AV/EDR security tools using various evasive techniques.

HookChain: A new perspective for Bypassing EDR Solutions

superSearchPlus是聚合型信息收集插件，支持综合查询，资产测绘查询，信息收集 敏感信息提取 js资源扫描 目录扫描 vue组件扫描 整合了目前常见的资产测绘平台 专为白帽子提供快速侦测目标。

此项目的POC来源为2024年以来各大威胁情报的高危漏洞复现，POC已通过nuclei或xray武器化，本项目旨在为网络安全爱好者们提供一点参考资料，可供个人研究使用，共勉

内网渗透过程中搜寻指定文件内容，从而找到突破口的一个小工具

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.

A tool to make socks connections through HTTP agents

Study Notes For Web Hacking / Web安全学习笔记

Loading BOF & ShellCode without executable permission memory.

收集整理漏洞EXp/POC,大部分漏洞来源网络，目前收集整理了800多个poc/exp，长期更新。

2024 HVV情报速递~

收集整理漏洞EXP/POC,大部分漏洞来源网络，目前收集整理了1400多个poc/exp，长期更新。

A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techniques.

The swiss army knife of LSASS dumping