Macfy-xi

Macfy-xi's Stars

• berryalen02/PECracker

  针对PE文件的分离的攻防对抗工具，红队、研究者的好帮手。目前支持文件头伪装、证书区段感染。A no-kill confrontation tool for the separation of PE files, a good helper for red teams and researchers. Currently, file header spoofing and certificate segment infection are supported.

  Language:Go22825

• swisskyrepo/PayloadsAllTheThings

  A list of useful payloads and bypass for Web Application Security and Pentest/CTF

  Language:Python61.2k14.7k

• fern89/C2

  A basic C2 framework written in C

  Language:C585

• 0xTalShang/WindowsKernel

  windwos内核研究与驱动Code

  6018

• rasta-mouse/OST-C2-Spec

  Open Source C&C Specification

  21914

• Anduin2017/HowToCook

  程序员在家做饭方法指南。Programmer's guide about how to cook at home (Simplified Chinese only).

  Language:Dockerfile67.2k8.7k

• seventeenman/CallBackDump

  dump lsass进程工具

  Language:C++54473

• trustedsec/CS-Situational-Awareness-BOF

  Situational Awareness commands implemented using Beacon Object Files

  Language:C1.3k218

• x64dbg/TitanEngine

  TitanEngine Community Edition. Debug engine used by x64dbg.

  Language:C++39183

• kyxiaxiang/Beacon_Source

  not a reverse-engineered version of the Cobalt Strike Beacon

  Language:C334151

• idiotc4t/ADVobfuscator

  Obfuscation library based on C++11/14 and metaprogramming

  3

• idiotc4t/windows_protocol

  1

• idiotc4t/C3

  Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing offensive toolkits.

  1

• langsasec/info-gathering

  资产测绘，威胁情报中心，谷歌语法，外网，社工库，暗网，最新安全资讯

  24424

• testxxxzzz/geacon_pro

  重构了Cobaltstrike Beacon，行为对国内主流杀软免杀，支持4.1以上的版本。 A cobaltstrike Beacon bypass anti-virus, supports 4.1+ version.

  269232

• r0oth3x49/ghauri

  An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws

  Language:Python3.1k308

• H4K6/webshell

  含免杀一句话、大马等过狗waf - 来源于网络收集的webshell，实时更新。

  Language:PHP189

• Hzllaga/ShellcodeLoader

  将shellcode用rsa加密并动态编译exe，自带几种反沙箱技术。

  Language:C#52379

• cdk-team/CDK

  📦 Make security testing of K8s, Docker, and Containerd easier.

  Language:Go3.9k543

• langsasec/Sign-Sacker

  Sign-Sacker(签名掠夺者)：一款数字签名复制器，可将其他官方exe中数字签名，图标，详细信息复制到没有签名的exe中，作为免杀，权限维持，伪装的一种小手段。

  Language:Python50377

• Mob2003/rakshasa

  基于go编写的跨平台、稳定、隐秘的多级代理内网穿透工具

  Language:Go1k142

• Mr-xn/Penetration_Testing_POC

  渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

  Language:HTML6.6k2k

• Ex-Origin/ctf-writeups

  Language:Java5126

• B1gM8c/PrivacysClub

  Language:Vue11934

• jiangsir404/Audit-Learning

  记录自己对《代码审计》的理解和总结，对危险函数的深入分析以及在p牛的博客和代码审计圈的收获

  967170

• jiangsir404/PHP-code-audit

  php code audit for cms vulnerabilities / 代码审计，对一些大型cms漏洞的复现研究，更新源码和漏洞exp

  Language:Python27561

• d3ckx1/Fvuln

  F-vuln（全称：Find-Vulnerability）是为了自己工作方便专门编写的一款自动化工具，主要适用于日常安全服务、渗透测试人员和RedTeam红队人员，它集合的功能包括：存活IP探测、开放端口探测、web服务探测、web漏洞扫描、smb爆破、ssh爆破、ftp爆破、mssql爆破等其他数据库爆破工作以及大量web漏洞检测模块。

  1.1k144