OFalwl's Stars
Aabyss-Team/ARL
ARL官方仓库备份项目:ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
idiotc4t/Reflective-HackBrowserData
HackBrowserData的反射模块
lemono0/FastJsonParty
FastJson全版本Docker漏洞环境(涵盖1.2.47/1.2.68/1.2.80等版本),主要包括JNDI注入及高版本绕过、waf绕过、文件读写、原生反序列化、利用链探测绕过、不出网利用等。从黑盒的角度覆盖FastJson深入利用
Getshell/LinuxTQ
《Linux提权方法论》
LogicJake/WebMonitor
实时监控网页变化,并发送通知(Monitor web page changes in real time and send notifications)
xcellerator/linux_kernel_hacking
Linux Kernel Hacking
fr0gger/Awesome-GPT-Agents
A curated list of GPT agents for cybersecurity
libaibaia/cloudSec
云安全利用工具-云平台AK/SK-WEB利用工具,添加AK/SK自动检测资源,无需手动执行,支持云服务器、存储桶、数据库操作
CrossC2/autoRebind
Automatically parse Malleable C2 profiled into CrossC2 rebinding library source code
Richard-Tang/CrossC2-C2Profile
CrossC2通信协议API实现
Dido1960/random_c2_profile
Cobalt Strike random C2 Profile 修改版(适配腾讯云函数,亚马逊云函数和CrossC2自定义protocol)
wikiZ/RedGuard
RedGuard is a C2 front flow control tool,Can avoid Blue Teams,AVs,EDRs check.
veo/nginx_shell
nginx WebShell/内存马,更优雅的nignx backdoor
Seals6/CVE-2021-22205
CVE-2021-22205未授权漏洞批量检测与利用工具
WKL-Sec/Malleable-CS-Profiles
A list of python tools to help create an OPSEC-safe Cobalt Strike profile.
RichHeaderResearch/RichPE
Metadata hash incorporating the Rich Header for robustness against packing and other malware tricks
Tylous/SourcePoint
SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.
TryGOTry/AutoGeaconC2
AutoGeaconC2: 一键读取Profile自动化生成geacon实现跨平台上线CobaltStrike
OFalwl/MobaXtermKeyGen
MobaXterm Pro Key Generator, support the old/latest/future versions.
owenxuan/MobaXterm-Keygen
MobaXterm注册机
Notselwyn/CVE-2024-1086
Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.
Sk3pper/CVE-2024-21626
NitroCao/CVE-2024-21626
PoC and Detection for CVE-2024-21626
INotGreen/XiebroC2
渗透测试C2、支持Lua插件扩展、域前置/CDN上线、自定义profile、前置sRDI、文件管理、进程管理、内存加载、截图、反向代理、分组管理
X1r0z/JNDIMap
JNDI 注入利用工具, 支持 RMI, LDAP 和 LDAPS 协议, 包含多种高版本 JDK 绕过方式 | A JNDI injection exploit tool that supports RMI, LDAP and LDAPS protocols, including a variety of methods to bypass higher-version JDK
Workingdaturah/Payload-Generator
An aggressor script that can help automate payload building in Cobalt Strike
rek7/fireELF
fireELF - Fileless Linux Malware Framework
yutianqaq/CSx3Ldr
Cobalt Strike插件
sma11new/Pyke-Shiro
复杂请求下的Shiro反序列化利用工具
wafinfo/DecryptTools
DecryptTools-综合解密