针对IoT固件的openssl加密的暴力破解脚本

IOT固件枚举未授权页面

BRCM Firmware Image Unpacker

A simple botnet that propagates via TELNET, controlled via IRC server, can execute shell commands and launch DDoS attacks

Lightweight Botnet Client-Server

A Modular Botnet with DNS tunneling support

A super portable botnet framework with a Django-based C2 server. The client is written in C++, with alternate clients written in Rust, Bash, and Powershell.

reverse-TCP backdoor disguised within the netstat utility. It's designed to automatically exclude itself from the netstat output. (educational purposes only)

yet another tool for analysing binaries

Hex Viewer/Editor/Analyzer compatible with Linux/Windows/MacOS

All-in-One Toolkit for BruteForce Attacks

机场推荐与机场评测

Reverse Engineering and Observability toolkit for Draytek firewalls

Tiny SHell Go - An open-source backdoor written in Go

Angr CTF From introduction to mastery

Great explanation of Process Hollowing (a Technique often used in Malware)

ROPDump is a command-line tool designed to analyze binary executables for potential Return-Oriented Programming (ROP) gadgets, buffer overflow vulnerabilities, and memory leaks.

Fuzzing IoT Devices Using the Router TL-WR902AC as Example

Reverse shell listener and payload generator designed to work on most Linux targets

Determine the Palo Alto PAN-OS software version of a remote GlobalProtect portal or management interface.

D-Link firmware decryption PoC

CVE-2017-3881 Cisco Catalyst Remote Code Execution PoC

Nyxstone: assembly / disassembly library based on LLVM, implemented in C++ with Rust and Python bindings, maintained by emproof.com

This is a curated list of mobile based CTFs, write-ups and vulnerable apps. Most of them are android based due to the popularity of the platform.

一款内网综合扫描工具，方便一键自动化、全方位漏扫扫描。