Pinned Repositories
0xUBypass
AntiAV shellcode loader
2022-HW-POC
2022 护网行动 POC 整理
afrog
afrog 是一款性能卓越、快速稳定、PoC 可定制化的漏洞扫描工具 - A tool for finding vulnerabilities
AheadLibEx
hijack dll Source Code Generator .
aksk_tool
AK资源管理工具,阿里云/腾讯云/华为云/AWS/UCLOUD/京东云/七牛云存储 AccessKey AccessKeySecret,利用AK获取资源信息和操作资源,ECS/CVM/E2/UHOST/ECI执行命令,OSS/COS/S3管理,RDS/DB管理,域名管理,添加RAM/CAM/IAM账号等
All-Defense-Tool
本项目集成了全网优秀的攻防武器工具项目,包含自动化利用,子域名、目录扫描、端口扫描等信息收集工具,各大中间件、cms漏洞利用工具,爆破工具、内网横向及免杀、社工钓鱼以及应急响应等资料。
AniYa
免杀框架
AnotherRedisDesktopManager
🚀🚀🚀A faster, better and more stable Redis desktop manager [GUI client], compatible with Linux, Windows, Mac.
CVE-2021-22205-
CVE-2021-22205未授权漏洞批量检测与利用工具
MobaXtermKeyGen
MobaXterm Pro Key Generator, support the old/latest/future versions.
OFalwl's Repositories
OFalwl/MobaXtermKeyGen
MobaXterm Pro Key Generator, support the old/latest/future versions.
OFalwl/AnotherRedisDesktopManager
🚀🚀🚀A faster, better and more stable Redis desktop manager [GUI client], compatible with Linux, Windows, Mac.
OFalwl/ARL-Asset-Reconnaissance-Lighthouse-
ARL官方仓库备份项目:ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
OFalwl/AutoGeaconC2
AutoGeaconC2: 一键读取Profile自动化生成geacon实现跨平台上线CobaltStrike
OFalwl/AVEvasionCraftOnline
An online AV evasion platform written in Springboot (Golang, Nim, C) supports embedded, local and remote loading of Shellocde methods.
OFalwl/Awesome-GPT-Agents
A curated list of GPT agents for cybersecurity
OFalwl/awesome-ida-x64-olly-plugin
A curated list of IDA x64DBG, Ghidra and OllyDBG plugins.
OFalwl/blackjump
JumpServer 堡垒机未授权综合漏洞利用, Exploit for CVE-2023-42442 / CVE-2023-42820 / RCE 2021
OFalwl/CSx3Ldr
Cobalt Strike插件
OFalwl/CVE-2024-1086
Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.
OFalwl/CVE-2024-21626
PoC and Detection for CVE-2024-21626
OFalwl/CVE-2024-21626-hig
OFalwl/DecryptTools
DecryptTools-综合解密
OFalwl/FastJsonParty
FastJson全版本Docker漏洞环境(涵盖1.2.47/1.2.68/1.2.80等版本),主要包括JNDI注入及高版本绕过、waf绕过、文件读写、原生反序列化、利用链探测绕过、不出网利用等。从黑盒的角度覆盖FastJson深入利用
OFalwl/JenkinsExploit-GUI
一款Jenkins的综合漏洞利用工具
OFalwl/JNDIMap
JNDI 注入利用工具, 支持 RMI 和 LDAP 协议, 包含多种高版本 JDK 绕过方式
OFalwl/LearnJavaMemshellFromZero
【三万字原创】完全零基础从0到1掌握Java内存马,公众号:追梦信安
OFalwl/Malleable-CS-Profiles
A list of python tools to help create an OPSEC-safe Cobalt Strike profile.
OFalwl/MobaXterm-Keygen
MobaXterm注册机
OFalwl/NacosExploitGUI
Nacos漏洞综合利用GUI工具,集成了默认口令漏洞、SQL注入漏洞、身份认证绕过漏洞、反序列化漏洞的检测及其利用
OFalwl/nginx_shell
nginx WebShell/内存马,更优雅的nignx backdoor
OFalwl/Payload-Generator
An aggressor script that can help automate payload building in Cobalt Strike
OFalwl/Penetration_Testing_POC
渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
OFalwl/Pyke-Shiro
复杂请求下的Shiro反序列化利用工具
OFalwl/RuoYi-v4.7.8-RCE-POC
OFalwl/SourcePoint
SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.
OFalwl/spirit
Spirit - Network Pentest Tools
OFalwl/Supernova_CN
Supernova 的中文版和扩展了一些加密方式(ROT, XOR, RC4, AES, CHACHA20, B64XOR, B64RC4, B64AES, B64CHACHA20)
OFalwl/WebMonitor
实时监控网页变化,并发送通知(Monitor web page changes in real time and send notifications)
OFalwl/XiebroC2
一款支持多人协作的渗透测试图形化框架、支持lua插件扩展、域前置/CDN上线、自定义多个模块、自定义shellcode、文件管理、进程管理、内存加载、反向代理等功能