A list of useful payloads and bypass for Web Application Security and Pentest/CTF

CTF framework and exploit development library

OneForAll是一款功能强大的子域收集工具

Exploit Development and Reverse Engineering with GDB Made Easy

Automated Adversary Emulation Platform

HTTP parameter discovery suite.

Generates permutations, alterations and mutations of subdomains and then resolves them

KunLun-M是一个完全开源的静态白盒扫描工具，支持PHP、JavaScript的语义扫描，基础安全、组件安全扫描，Chrome Ext\Solidity的基础扫描。

bayonet是一款src资产管理系统，从子域名、端口服务、漏洞、爬虫等一体化的资产管理系统

记录自己编写、修改的部分工具

SRC子域名资产监控

红队基础设施自动化部署工具

XssPy - Web Application XSS Scanner

CS免杀

Binary Hacking Study Notes

Beat LeetCode with the Power of Anki.

攻击流量模拟 用于迷惑蓝队 分散蓝队精力 混淆真实攻击流量

ARTi-C2 is a post-exploitation framework used to execute Atomic Red Team test cases with rapid payload deployment and execution capabilities via .NET's DLR.

2018 School project - PoC of malware code obfuscation in Word macros

一个想让大家赚钱的数字货币量化项目，想带一帮人一起赚点小钱，助力共同富裕。