Ravensss's Stars
mgeeky/cobalt-arsenal
My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+
NetSPI/ESC
Evil SQL Client (ESC) is an interactive .NET SQL console client with enhanced SQL Server discovery, access, and data exfiltration features. While ESC can be a handy SQL Client for daily tasks, it was originally designed for targeting SQL Servers during penetration tests and red team engagements. The intent of the project is to provide an .exe, but also sample files for execution through mediums like msbuild and PowerShell.
nian-hua/BurpExtender
dozernz/cve-2020-11651
Flangvik/NetLoader
Loads any C# binary in mem, patching AMSI + ETW.
devanshbatham/Awesome-Bugbounty-Writeups
A curated list of bugbounty writeups (bug type wise), inspired by https://github.com/ngalongc/bug-bounty-reference
OoOverflow/reverse_dns_shell
nsacyber/Mitigating-Web-Shells
Guidance for mitigating web shells. #nsacyber
CCob/SweetPotato
Local Service to SYSTEM privilege escalation from Windows 7 to Windows 10 / Server 2019
wsfengfan/CVE-2020-2555
CVE-2020-2555 Python POC
hasherezade/exe_to_dll
Converts an EXE into a DLL
guardicore/vmware_vcenter_cve_2020_3952
Exploit for CVE-2020-3952 in vCenter 6.7
uknowsec/SweetPotato
Modifying SweetPotato to support loading shellcode and webshell
QAX-A-Team/sharpwmi
sharpwmi is an RPC-based lateral movement tool with file upload and command execution capabilities.
jvoisin/php-malware-finder
Detect potentially malicious PHP files
5up3rc/weblogic_cmd
weblogic t3 deserialization rce
rcx/shellcode_encoder
x64 printable shellcode encoder
brimstone/go-shellcode
Load shellcode into a new process
bytecod3r/Cobaltstrike-Aggressor-Scripts-Collection
Collection of tested Cobaltstrike aggressor scripts.
jas502n/CVE-2020-10199
CVE-2020-10199, CVE-2020-10204, CVE-2020-11444
stephenfewer/ReflectiveDLLInjection
Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loading of a library from memory into a host process.
orangetw/awesome-jenkins-rce-2019
There is no pre-auth RCE in Jenkins since May 2017, but this is the one!
1120362990/vulnerability-list
Quickly detect high-risk vulnerabilities in common middleware and components during penetration tests.
zhzyker/exphub
Exphub [exploit script library]: includes exploit scripts for Weblogic, Struts2, Tomcat, Nexus, Solr, Jboss and Drupal; latest additions: CVE-2020-14882, CVE-2020-11444, CVE-2020-10204, CVE-2020-10199, CVE-2020-1938, CVE-2020-2551, CVE-2020-2555, CVE-2020-2883, CVE-2019-17558, CVE-2019-6340
onSec-fr/Http-Asynchronous-Reverse-Shell
[POC] Asynchronous reverse shell using the HTTP protocol.
ambionics/phpggc
PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.
bitcoinbull/okex-stoploss
okex futures stop-loss program
antman1p/ShellCodeRunner
XOR Payload Encryptor for .NET and Payload Runner with Built-in XOR Decryptor
the-xentropy/xencrypt
A PowerShell script anti-virus evasion tool
Jumbo-WJB/CVE-2020-0688
CVE-2020-0688 - Exchange