Pinned Repositories
0x00sec_code
Code for my 0x00sec.org posts
360SafeBrowsergetpass
A CobaltStrike script plus a small decryption tool for grabbing 360 Secure Browser passwords in one click, intended to save red-team effort: the browser database is downloaded and the key recorded so that browser passwords can be decrypted offline.
365-Stealer
365-Stealer is a phishing tool written in Python 3 that abuses app registration to obtain consent from the victim, leading to an illicit consent grant attack.
a12d404.net-files
Files related to my blog posts.
aclpwn.py
Active Directory ACL exploitation with BloodHound
ad-honeypot-autodeploy
Deploy a small, intentionally insecure, vulnerable Windows Domain for RDP Honeypot fully automatically.
AD-Pentest-Notes
Notes for studying internal network penetration (domain penetration) :-)
adalanche
Active Directory ACL Visualizer and Explorer - who's really Domain Admin?
ADCSPwn
A tool to escalate privileges in an Active Directory network by coercing authentication from machine accounts and relaying it to the certificate service.
noPac
CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.
bigbrobro's Repositories
bigbrobro/amides
An Adaptive Misuse Detection System
bigbrobro/atexec-pro
Fileless atexec, no more need for port 445
bigbrobro/BestEdrOfTheMarket
Little AV/EDR bypassing lab for training & learning purposes
bigbrobro/BokuLoader
A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!
bigbrobro/bpf-developer-tutorial
Learn eBPF by examples | eBPF developer tutorial and knowledge base: learn eBPF step by step through small tools and examples, covering performance, networking, security and other application scenarios
bigbrobro/BRON
"Linking Threat Tactics, Techniques, and Patterns with Defensive Weaknesses, Vulnerabilities and Affected Platform Configurations for Cyber Hunting" by Erik Hemberg, Jonathan Kelly, Michal Shlapentokh-Rothman, Bryn Reinstadler, Katherine Xu, Nick Rutar, Una-May O'Reilly
bigbrobro/canarytokendetector
Detect and remove the presence of canary tokens
bigbrobro/ckibana
Visualizing data in ClickHouse using native Kibana.
bigbrobro/curlrevshell
Kooky cURL-powered replacement for reverse shell via /dev/tcp
bigbrobro/ebpf_shell
eBPF WebShell / kernel implant, a new type of kernel implant / WebShell technique
bigbrobro/EDRNoiseMaker
Detect WFP filters blocking EDR communications
bigbrobro/EDRSilencer
A tool that uses the Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.
bigbrobro/EvilSln
A New Exploitation Technique for Visual Studio Projects
bigbrobro/Huorong-ATP-Rules
A set of enhanced custom HIPS rules for Huorong (火绒)
bigbrobro/kunai
Threat-hunting tool for Linux
bigbrobro/luban
Kubernetes cluster management platform, CMDB, K8s container management, operations platform, automated operations and release platform, CI/CD platform, multi-cluster management
bigbrobro/MAGIC
Codes and data for USENIX Security 24 paper "MAGIC: Detecting Advanced Persistent Threats via Masked Graph Representation Learning"
bigbrobro/netassert
Network security testing for Kubernetes DevSecOps workflows
bigbrobro/nginx_shell
nginx WebShell / memory-resident implant, a more elegant nginx backdoor
bigbrobro/nysm
nysm is a stealth post-exploitation container.
bigbrobro/OctoMation
OctoMation is a free orchestration and automation product with visual drag-and-drop functionality. Through carefully orchestrated Playbooks, OctoMation can chain together the basic capabilities of hundreds of security, network, IT and SaaS products. Its main features include low-code playbook orchestration, automated incident response, standardized process operation and visual process monitoring. With OctoMation, operations teams can run 7x24 automated incident response, which not only greatly reduces over-reliance on personnel but also keeps the team's work quality at a consistently high level, ultimately achieving "rapid cost reduction and efficiency gains".
bigbrobro/OctoMationApps
This repository is the application repository for OctoMation; for detailed system documentation and the system installation manual, please refer to the following repository:
bigbrobro/PoolParty
A set of fully-undetectable process injection techniques abusing Windows Thread Pools
bigbrobro/PoolPartyBof
A beacon object file implementation of PoolParty Process Injection Technique.
bigbrobro/pulsar_eBPF
A modular and blazing fast runtime security tool for the IoT, powered by eBPF.
bigbrobro/RealBlindingEDR
Remove AV/EDR kernel callbacks: ObRegisterCallbacks, CmRegisterCallback, MiniFilter callback, PsSetCreateProcessNotifyRoutine callback, PsSetCreateThreadNotifyRoutine callback, PsSetLoadImageNotifyRoutine callback...
bigbrobro/secgpt
secgpt, a large language model for cybersecurity
bigbrobro/SharpGhostTask
A C# port of Invoke-GhostTask
bigbrobro/SignToolEx
Patching "signtool.exe" to accept expired certificates for code-signing.
bigbrobro/Stinger
CIA UAC bypass implementation of Stinger that obtains the token from an auto-elevated process, modifies it, and reuses it to execute as Administrator.