expoc's Stars
last-byte/PersistenceSniper
Powershell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows machines. Official Twitter/X account @PersistSniper. Made with ❤️ by @last0x00 and @dottor_morte
FULLSHADE/WindowsExploitationResources
Resources for Windows exploit development
exploitblizzard/WindowsMDM-LPE-0Day
CVE-2021-24084 Windows Local Privilege Escalation Left officially unpatched since 2020. Hence, its still a zero day
ahmedkhlief/APT-Hunter
APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspicious activity
ThreatHuntingProject/ThreatHunting
An informational repo about hunting for adversaries in your IT environment.
fastfire/deepdarkCTI
Collection of Cyber Threat Intelligence sources from the deep and dark web
0x727/SpringBootExploit
项目是根据LandGrey/SpringBootVulExploit清单编写,目的hvv期间快速利用漏洞、降低漏洞利用门槛。
SixGenInc/Noctilucent
Using TLS 1.3 to evade censors, bypass network defenses, and blend in with the noise
capt-meelo/Beaconator
A beacon generator using Cobalt Strike and a variety of tools.
am0nsec/HellsGate
Original C Implementation of the Hell's Gate VX Technique
khanhnnvn/CEHv10
Leaked slides and labs
BloodHoundAD/SharpHound3
C# Data Collector for the BloodHound Project, Version 3
rasta-mouse/AmsiScanBufferBypass
Bypass AMSI by patching AmsiScanBuffer
Airboi/bypass-av-note
免杀技术大杂烩---乱拳也打不死老师傅
c0ny1/java-memshell-scanner
通过jsp脚本扫描java web Filter/Servlet型内存马
mvelazc0/defcon27_csharp_workshop
Writing custom backdoor payloads with C# - Defcon 27 Workshop
mestarshine/fingerprint2js
通过js获取浏览器指纹
threedr3am/learnjavabug
Java安全相关的漏洞和技术demo,原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。
jxy-s/herpaderping
Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.
blackorbird/APT_REPORT
Interesting APT Report Collection And Some Special IOC
zer0yu/Awesome-CobaltStrike
List of Awesome CobaltStrike Resources
m0n0ph1/malware-1
Malware source code samples leaked online uploaded to GitHub for those who want to analyze the code.
CCob/SharpBlock
A method of bypassing EDR's active projection DLL's by preventing entry point exection
TideSec/BypassAntiVirus
远控免杀系列文章及配套工具,汇总测试了互联网上的几十种免杀工具、113种白名单免杀方式、8种代码编译免杀、若干免杀实战技术,并对免杀效果进行了一一测试,为远控的免杀和杀软对抗免杀提供参考。
BankSecurity/Red_Team
Some scripts useful for red team activities
chaitin/xray
一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
jackfrued/Python-100-Days
Python - 100天从新手到大师
Chainfire/injectvm-binderjack
Android VM injection and BinderJacking sample code, and some ramblings about root
Ivan1ee/struts2-057-exp
s2-057 最新漏洞分析和EXP脚本
ym2011/POC-EXP
Collecting and writing PoC or EXP for vulnerabilities on some application