Pinned Repositories
a
Awesome-CobaltStrike
cobaltstrike的相关资源汇总 / List of Awesome CobaltStrike Resources
charlotte
c++ fully undetected shellcode launcher ;)
CrackMapExec
A swiss army knife for pentesting networks
CVE-2019-11510
Exploit for Arbitrary File Read on Pulse Secure SSL VPN (CVE-2019-11510)
CVE-2021-4034
Pre-compiled builds for CVE-2021-4034
DeathStar
Uses Empire's (https://github.com/BC-SECURITY/Empire) RESTful API to automate gaining Domain and/or Enterprise Admin rights in Active Directory environments using some of the most common offensive TTPs.
discover
For use with Kali Linux. Custom bash scripts used to automate various pentesting tasks.
Empire
Empire is a PowerShell and Python post-exploitation agent.
evilginx2
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
foreverluck's Repositories
foreverluck/charlotte
c++ fully undetected shellcode launcher ;)
foreverluck/CrackMapExec
A swiss army knife for pentesting networks
foreverluck/CVE-2021-4034
Pre-compiled builds for CVE-2021-4034
foreverluck/DeathStar
Uses Empire's (https://github.com/BC-SECURITY/Empire) RESTful API to automate gaining Domain and/or Enterprise Admin rights in Active Directory environments using some of the most common offensive TTPs.
foreverluck/evilginx2
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
foreverluck/frp
A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.
foreverluck/fscan
一款内网综合扫描工具,方便一键自动化、全方位漏扫扫描。
foreverluck/GoWxDump
SharpWxDump的Go语言版。微信客户端取证,获取信息(微信号、手机号、昵称),微信聊天记录分析(Top N聊天的人、统计聊天最频繁的好友排行、关键词列表搜索等)
foreverluck/impacket_static_binaries
Standalone binaries for Linux/Windows of Impacket's examples
foreverluck/linWinPwn
linWinPwn is a bash script that automates a number of Active Directory Enumeration and Vulnerability checks
foreverluck/lsassy
Extract credentials from lsass remotely
foreverluck/MeterPwrShell
Automated Tool That Generates The Perfect Meterpreter Powershell Payload
foreverluck/Middleware-Vulnerability-detection
CVE、CMS、中间件漏洞检测利用合集 Since 2019-9-15
foreverluck/mvsemi
foreverluck/nuclei
Fast and customizable vulnerability scanner based on simple YAML based DSL.
foreverluck/NucleiTP
自动整合全网Nuclei的漏洞POC,实时同步更新最新POC!
foreverluck/PEASS-ng
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
foreverluck/PoshC2
A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.
foreverluck/pystinger
Bypass firewall for traffic forwarding using webshell 一款使用webshell进行流量转发的出网工具
foreverluck/railgun
foreverluck/RedEye
RedEye is a visual analytic tool supporting Red & Blue Team operations
foreverluck/Searpy
🥀 Search Engine Tookit,URL采集、Favicon哈希值查找真实IP、子域名查找
foreverluck/Serein
【懒人神器】一款图形化、批量采集url、批量对采集的url进行各种nday检测的工具。可用于src挖掘、cnvd挖掘、0day利用、打造自己的武器库等场景。可以批量利用Actively Exploited Atlassian Confluence 0Day CVE-2022-26134和DedeCMS v5.7.87 SQL注入 CVE-2022-23337。
foreverluck/Sn1per
Attack Surface Management Platform
foreverluck/sprayhound
Password spraying tool and Bloodhound integration
foreverluck/SuperSQLInjectionV1
超级SQL注入工具(SSQLInjection)是一款基于HTTP协议自组包的SQL注入工具,采用C#开发,直接操作TCP会话来进行HTTP交互,支持出现在HTTP协议任意位置的SQL注入,支持各种类型的SQL注入,支持HTTPS模式注入;支持以盲注、错误显示、Union注入等方式来获取数据;支持Access/MySQL/SQLServer/Oracle/PostgreSQL/DB2/SQLite/Informix等数据库;支持手动灵活的进行SQL注入绕过,可自定义进行字符替换等绕过注入防护。本工具为渗透测试人员、信息安全工程师等掌握SQL注入技能的人员设计,需要使用人员对SQL注入有一定了解。
foreverluck/Terminator
Reproducing Spyboy technique to terminate all EDR/XDR/AVs processes
foreverluck/tools
foreverluck/wmiexec-Pro
New generation of wmiexec.py
foreverluck/youdaonote-pull
📝 一个一键导出 / 备份「有道云笔记」所有笔记的 Python 脚本。 A Python script to export/backup all the notes of the "Youdao Note".