Pinned Repositories
0day
EXPs and PoCs for vulnerabilities in various CMSs, platforms, systems, and software; this project will be continuously updated
ASP.NET-Memshell-Scanner
ASP.NET in-memory webshell (memshell) detection tool
BypassAntiVirus
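A series of articles and accompanying tools on antivirus evasion for remote-access tools. It collects and tests dozens of evasion tools found on the internet, 113 allowlist-based evasion methods, 8 code-compilation evasion methods, and several practical evasion techniques, testing the evasion effect of each one, as a reference for remote-access tool evasion and for antivirus countermeasures against evasion.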
CallBackDump
Tool for dumping the lsass process
cf
Cloud Exploitation Framework: a cloud environment exploitation framework that helps security personnel with follow-up work after obtaining an AK
dll_inject_vs_binaries
LOLBINs that inject a DLL into a given process ID.
domainscan
DumpNParse
A Combination LSASS Dumper and LSASS Parser. All Credit goes to @slyd0g and @cube0x0.
DumpThatLSASS
Dumping LSASS by unhooking MiniDumpWriteDump by getting a fresh DbgHelp.dll copy from the disk, plus function and string obfuscation. It contains anti-sandbox code; if you run it under an unperformant virtual machine you need to uncomment the code related to it and recompile.
go-shellcode-1
A repository of Windows Shellcode runners and supporting utilities. The applications load and execute Shellcode using various API calls or techniques.
Goworlds's Repositories
Goworlds/0day
EXPs and PoCs for vulnerabilities in various CMSs, platforms, systems, and software; this project will be continuously updated
Goworlds/ASP.NET-Memshell-Scanner
ASP.NET in-memory webshell (memshell) detection tool
Goworlds/BypassAntiVirus
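A series of articles and accompanying tools on antivirus evasion for remote-access tools. It collects and tests dozens of evasion tools found on the internet, 113 allowlist-based evasion methods, 8 code-compilation evasion methods, and several practical evasion techniques, testing the evasion effect of each one, as a reference for remote-access tool evasion and for antivirus countermeasures against evasion.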
Goworlds/CallBackDump
Tool for dumping the lsass process
Goworlds/cf
Cloud Exploitation Framework: a cloud environment exploitation framework that helps security personnel with follow-up work after obtaining an AK
Goworlds/dll_inject_vs_binaries
LOLBINs that inject a DLL into a given process ID.
Goworlds/domainscan
Goworlds/DumpNParse
A Combination LSASS Dumper and LSASS Parser. All Credit goes to @slyd0g and @cube0x0.
Goworlds/DumpThatLSASS
Dumping LSASS by unhooking MiniDumpWriteDump by getting a fresh DbgHelp.dll copy from the disk, plus function and string obfuscation. It contains anti-sandbox code; if you run it under an unperformant virtual machine you need to uncomment the code related to it and recompile.
Goworlds/go-shellcode-1
A repository of Windows Shellcode runners and supporting utilities. The applications load and execute Shellcode using various API calls or techniques.
Goworlds/HVNC-2
HVNC obtained by repairing Tinynuke
Goworlds/mortar
evasion technique to defeat and divert detection and prevention of security products (AV/EDR/XDR)
Goworlds/MultiRDP
MultiRDP is a C# console application to make multiple RDP (Remote Desktop) sessions possible by patching termsrv.dll correctly.
Goworlds/nccfsas
Information released publicly by NCC Group's Full Spectrum Attack Simulation (FSAS) team.
Goworlds/noPac
CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.
Goworlds/nosferatu
Lsass NTLM Authentication Backdoor
Goworlds/pentesttools
redteam
Goworlds/physmem2profit
Physmem2profit can be used to create a minidump of a target host's LSASS process by analysing physical memory remotely
Goworlds/SharpGPOAbuse
SharpGPOAbuse is a .NET application written in C# that can be used to take advantage of a user's edit rights on a Group Policy Object (GPO) in order to compromise the objects that are controlled by that GPO.
Goworlds/SharpKatz
Porting of mimikatz sekurlsa::logonpasswords, sekurlsa::ekeys and lsadump::dcsync commands
Goworlds/SharpToken
.NET version of incognito
Goworlds/Simple-Loader
Windows Defender ShellCode Execution Bypass
Goworlds/Sunflower_get_Password
A tool for extracting the identification code and verification code of Sunflower (向日葵)
Goworlds/uac
Goworlds/WinSecTool
Windows security research toolkit
Goworlds/WMEye
WMEye is a post exploitation tool that uses WMI Event Filter and MSBuild Execution for lateral movement