Pinned Repositories
acefile
POC of https://research.checkpoint.com/extracting-code-execution-from-winrar/
atomic-red-team
Small and highly portable detection tests.
Awesome-Hacking
A collection of various awesome lists for hackers, pentesters and security researchers
book
byob
BYOB (Build Your Own Botnet)
hackingLibrary
APT, Cyber warfare, Penetration testing, Zero-day,Exploiting,Fuzzing,Privilege-Escalation,browser-security,Spyware,Malwres evade anti-virus detection, Rookit CYPTER, Antiviruses Bypassing-av, WORMS,Sandbox-Escape, Memory-injection, Ethical,Gray,White,RedTeam,Bugbounty,bug hunter,Cheat Sheet...
nighter233's Repositories
nighter233/acefile
POC of https://research.checkpoint.com/extracting-code-execution-from-winrar/
nighter233/BypassAntiVirus
远控免杀系列文章及配套工具,搜集汇总了互联网上的几十种免杀工具和免杀方法,并对免杀效果进行了一一测试,为远控的免杀和杀软对抗免杀提供参考。
nighter233/CobaltStrike
CobaltStrike's source code
nighter233/Cobaltstrike-MS17-010
cobaltstrike ms17-010 module and some other
nighter233/commando-vm
Complete Mandiant Offensive VM (Commando VM), the first full Windows-based penetration testing virtual machine distribution. The security community recognizes Kali Linux as the go-to penetration testing platform for those that prefer Linux. Commando VM is for penetration testers that prefer Windows. We know that building a Windows penetration testing environment can be tedious - we aim to streamline and simplify this process. Commando VM includes over 140 tools.
nighter233/dictionary
来自pwn硬糖师傅的爆破字典
nighter233/exploits
Pwn stuff.
nighter233/free-api
收集免费的接口服务,做一个api的搬运工
nighter233/ghidra
nighter233/K8tools
K8工具(内网渗透/提权工具/远程溢出/漏洞利用/Exploit/APT/0day/Shellcode/Payload/priviledge/OverFlow/WebShell/PenTest)
nighter233/Ladon
大型内网渗透扫描器&Cobalt Strike,包含信息收集/端口扫描/服务识别/网络资产/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010、Weblogic、ActiveMQ、Tomcat等,密码口令爆破含(Mysql、Oracle、MSSQL)、FTP、SSH(Linux)、VNC、Windows(IPC、WMI、SMB)等,可高度自定义插件支持.NET程序集、DLL(C#/Delphi/VC)、PowerShell等语言编写的插件,支持通过配置INI批量调用任意外部程序或命令,EXP生成器一键生成Web漏洞POC,可快速扩展扫描或利用能力。支持Cobalt Strike插件化直接内存加载Ladon扫描快速拓展内网横向移动
nighter233/legion
Legion is an open source, easy-to-use, super-extensible and semi-automated network penetration testing tool that aids in discovery, reconnaissance and exploitation of information systems.
nighter233/Micro8
nighter233/pentest-1
渗透测试用到的东东
nighter233/pocsuite3
pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.
nighter233/PPT
PPT教程
nighter233/PrivExchange
Exchange your privileges for Domain Admin privs by abusing Exchange
nighter233/Red-Team-links
2019年红队资源链接,资源不是本人整理出来,来自互联网,因为流传的少,特意在此做个备份,做个分享。
nighter233/RedTeam
RedTeam资料收集整理
nighter233/RedTeamer
红方人员作战执行手册
nighter233/sentry
Sentry is cross-platform application monitoring, with a focus on error reporting.
nighter233/shadowsocks
Redirect attack on Shadowsocks stream ciphers
nighter233/SharpDecryptPwd
对密码已保存在 Windwos 系统上的部分程序进行解析,包括:Navicat,TeamViewer,FileZilla,WinSCP,Xmangager系列产品(Xshell,Xftp)。
nighter233/SRC-experience
工欲善其事,必先利其器
nighter233/sudo_inject
[Linux] Two Privilege Escalation techniques abusing sudo token
nighter233/tokenx_privEsc
with metasploit
nighter233/wafw00f
WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
nighter233/webshellSample
webshell sample for WebShell Log Analysis
nighter233/wooyun-payload
从wooyun中提取的payload,以及burp插件
nighter233/xray
xray 安全评估工具