Pinned Repositories
-APT-
APT
1earn
个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Active-Directory-Pentest-Notes
个人域渗透学习笔记
ADIDNSRecords
Alternative C# Implementation tool to retrieve Active Directory Integrated DNS records with IP addresses
AgentSmith-HIDS
By Kprobe technology Open Source Host-based Intrusion Detection System(HIDS), from E_Bwill.
al-khaser
Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
Alaris
A protective and Low Level Shellcode Loader the defeats modern EDR systems.
autochk-rootkit
Reverse engineered source code of the autochk rootkit
Hacking-Security-Ebooks
Top 100 Hacking & Security E-Books (Free Download)
RunOnceEx's Repositories
RunOnceEx/apache-rootkit
A malicious Apache module with rootkit functionality
RunOnceEx/DBC2
DBC2 (DropboxC2) is a modular post-exploitation tool, composed of an agent running on the victim's machine, a controler, running on any machine, powershell modules, and Dropbox servers as a means of communication.
RunOnceEx/DNS-C2
DNS-Persist is a post-exploitation agent which uses DNS for command and control
RunOnceEx/esdk_Cgw
RunOnceEx/EventCleaner
A tool mainly to erase specified records from Windows event logs, with additional functionalities.
RunOnceEx/external_c2_framework
Python api for usage with cobalt strike's External C2 specification
RunOnceEx/Hooking-via-InstrumentationCallback
codes for my blog post: https://secrary.com/Random/InstrumentationCallback/
RunOnceEx/ioctlpus
RunOnceEx/jdbc-backdoor
A fake JDBC driver that allows OS command execution.
RunOnceEx/jellyfish
GPU rootkit PoC by Team Jellyfish
RunOnceEx/MSSQL-Fileless-Rootkit-WarSQLKit
Bildiğiniz üzere uzun zamandır MSSQL üzerine çalışmalar yapmaktayım. Bu yazımda uzun zamandır uğraştığım bir konuyu ele alacağım, MSSQL Rootkit. Bildiğiniz üzere şimdiye kadar MS-SQL için anlatılan post-exploitation işlemlerinin büyük çoğunluğu “xp_cmdshell” ve “sp_OACreate” stored procedure’lerini kullanarak anlatılır. Peki xp_cmdshell ve sp_OACreate stored procedure’lerinin olmadığı bir MSSQL sunucusunun “sa” hesabını ele geçirmişsek, o sisteme girmekten vaz mı geçeceğiz? Tabii ki vazgeçmememiz gerekiyor. Bu makale “sa” hesabının yakalandığı ve “xp_cmdshell”, “sp_OACreate”, “sp_OAMethod” vb. prosedürlerin hiç birinin çalışmadığı bir senaryo düşünülerek kaleme alınmıştır.
RunOnceEx/MyHousekeeper
电脑管家,可以根据不同的病毒特征查杀
RunOnceEx/NetworkSocket
NetworkSocket是一个以中间件(middleware)扩展通讯协议,以插件(plug)扩展服务器功能的支持SSL安全传输的通讯框架;目前支持http、websocket、fast、flex策略与silverlight策略协议。
RunOnceEx/nt4
Windows NT4 source code
RunOnceEx/OSCE
Collection of things made during my preparation to take on OSCE
RunOnceEx/OSCE-1
Some exploits, which I’ve created during my OSCE preparation.
RunOnceEx/PESecurity
PowerShell module to check if a Windows binary (EXE/DLL) has been compiled with ASLR, DEP, SafeSEH, StrongNaming, and Authenticode.
RunOnceEx/r.net
Use .Net assemblies from R environment
RunOnceEx/redsnarf
RedSnarf is a pen-testing / red-teaming tool for Windows environments
RunOnceEx/Reflective-Driver-Loader
RunOnceEx/SharpWeb
.NET 2.0 CLR project to retrieve saved browser credentials from Google Chrome, Mozilla Firefox and Microsoft Internet Explorer/Edge.
RunOnceEx/shellcode-example
Windows shellcode example
RunOnceEx/sniffMK
sniff mouse and keyboard events
RunOnceEx/SuperVirus
Project aimed at creating a malware able to evolve and adapt to the various host machines through metamorphic modifications, spontaneous mutations, code imitation and DNA programming to enable/disable functionalities
RunOnceEx/UncoverDCShadow
A PowerShell utility to dynamically uncover a DCShadow attack
RunOnceEx/Veracrypt-Password-Extractor
A proof-of-concept DLL that prints out the password a user enters into Veracrypt while decrypting a volume.
RunOnceEx/WinPIT
Windows Process Injection Toolkit - plain and simple :)