Pinned Repositories
--Java
Collected code-auditing knowledge points - Java
24HW_POC
360QVM_bypass
Bypasses 360 QVM in bulk by generating .ico files with different hashes and writing them into the program
A-Red-Teamer-diaries
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
ActiveMQ_RCE_Pro_Max
CVE-2023-46604
ActiveMqRCE
Java implementation that constructs the OpenWire protocol to exploit the ActiveMQ < 5.18.3 RCE, with command-output echo and memory-shell injection
AheadLibEx
Hijack DLL source code generator.
SecurityList
A list for Web Security and Code Audit
SmallProxyPool
A free, high-quality small proxy pool for running directory scans or dictionary brute-forcing against sites that sit behind a WAF
zombie
a weak weak pass tool
UnT7's Repositories
UnT7/24HW_POC
UnT7/APT-Individual-Combat-Guide
《APT Individual Combat Guide》
UnT7/Beacon
Refactored Beacon
UnT7/BinarySpy
A tool for manually or automatically patching shellcode into a binary file in order to bypass AV.
UnT7/BootExecuteEDR
UnT7/CVE-2024-35250
PoC for the Untrusted Pointer Dereference in the ks.sys driver
UnT7/CVE-2024-49112
LdapNightmare is a PoC tool that tests a vulnerable Windows Server against CVE-2024-49112
UnT7/damnCoffee
A simple post-exploitation AV-evasion loader; bypasses AV/EDR
UnT7/DockerApiRCE
DockerApiRCE
UnT7/dodgypass
Golden collection of weak passwords
UnT7/Dumphash1
Dumps hashes while bypassing antivirus software, with offline reading
UnT7/easybypassdemo
UnT7/eBSploit
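eBSploit is for internal-network penetration tests that run into the MS17-010 vulnerability: it quickly brings sessions online to internet-facing msf and cs, and also supports custom DLL command execution, session migration and other operations.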
UnT7/FindToDeskPass
Reads the ToDesk device code and connection password by dumping memory
UnT7/FscanParser
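A small tool for processing fscan output (it optimizes the output of fscan scans, especially across large numbers of assets, putting you five steps ahead when gaining initial access!!!)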
UnT7/InjectSQLServer
Get sql server connection configuration information
UnT7/InjectTools
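A tool that integrates DLL Session 0 injection, APC injection, mapping injection, thread hijacking, function stomping and privilege escalation (supports BIN encryption and decryption)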
UnT7/LOLBAS
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
UnT7/MemShellParty
JavaWeb memory shells throw a party 🎉
UnT7/NativeDump
Dump lsass using only Native APIs by hand-crafting Minidump files (without MinidumpWriteDump!)
UnT7/No-Consolation
A BOF that runs unmanaged PEs inline
UnT7/PPLrevenant
Bypass LSA protection using the BYODLL technique
UnT7/ProxyCat
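A proxy-pool middleware deployable in the cloud or locally that flexibly turns static proxy IPs into tunnel IPs and provides a fixed request address; deploy once, use for life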
UnT7/Rust_Beacon
A CobaltStrike beacon implemented in Rust
UnT7/RustiveDump
LSASS memory dumper using only NTAPIs, creating a minimal minidump, built in Rust with no_std and independent of the C runtime (CRT). It can be compiled as shellcode (PIC), supports XOR encryption, and remote file transmission.
UnT7/ShadowDumper
Shadow Dumper is a powerful tool used to dump LSASS memory, often needed in penetration testing and red teaming. It uses multiple advanced techniques to dump memory, allowing access to sensitive data in LSASS memory.
UnT7/Sharp4SoapShell
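Three .soap versions of a WebShell. Advantage: they can run in a subdirectory, removing the earlier restriction of running only in the root directory. The three scripts support the Godzilla / Behinder / Tianxie clients respectively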
UnT7/SkyShadow
Generate DLL Hijacking Payload in batches.
UnT7/Tempest
A command and control framework written in Rust.
UnT7/ZeroEye
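Automates finding trusted ("white") files: scans the import tables of EXE files, lists the imported DLLs and filters for non-system DLLs; files that match are copied to a dedicated X64 or X86 folder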