power-sploit's Stars
QAX-A-Team/HideShell
A JSP backdoor that, under Tomcat, enables hiding arbitrary JSP files as well as their access logs.
ReversingID/Shellcode-Loader
Open repository for learning dynamic shellcode loading (sample in many programming languages)
ChoboSyk/PoorManBOF
Generating useful shellcode has always felt like magic to me. This framework's goal is to help generate position independent shellcode from C code for WinAPIs stuff. Specify the WinAPIs you need and it'll generate a nice project for you. Use the generated functions and then run ./build.sh to get a shellcode.bin file. I also added some methods so you can return values from the shellcode for enumeration and stuff. I'll add more details later
craig/SpringCore0day
SpringCore0day from https://share.vx-underground.org/ & some additional links
OneHone/HoneTool
czz1233/GBByPass
Behinder and Godzilla WebShell bypass
gloxec/CrossC2
generate CobaltStrike's cross-platform payload
rejetto/hfs
HFS is a web file server to run on your computer. Share folders or even a single file thanks to the virtual file system.
wkjung0624/cve-2019-9193
PostgreSQL Remote Code Execution
cepxeo/dll4shell
Shellcode launcher for AV bypass
jhhua/Cs_X_Msf_BypassAv
I wrote a C++ project for metasploit or CobaltStrike...login_user:root、pass:jhhua
syyu6/WinRpcTest
Uses the RPC service to batch-probe the outbound connectivity of Windows hosts on an internal network
kelvinBen/AppInfoScanner
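A mobile (Android, iOS, WEB, H5, static website) information-gathering scanner for HW operations, red teams and penetration testing teams. It helps penetration testers, attack team members and red team members quickly collect key asset information from mobile apps or static web sites, and provides basic information output such as Title, Domain, CDN, fingerprint information and status information.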
lengjibo/FourEye
AV Evasion Tool For Red Team Ops
midisec/BypassAnti-Virus
Learning, recording and reproducing AV evasion techniques.
crow821/crowsec
Video courseware and tool sharing
Ryze-T/Sylas
Comprehensive database exploitation tool
cnmumu/BypassAv
Study notes
G73st/BypassAV
c++ shellcode loader
angels520/BypassUAC
angels520/Shiro-Memshell
angels520/rebeyond-Mode
Modified version of rebeyond
CnHack3r/Awesome-hacking-tools
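A repository collecting hacking tools, including mainstream and non-mainstream exploit tools, subdomain, ICP filing lookup tools, CVE repositories, Hacking Tools, Exploits, AV evasion tools, weblogic exploit tools, Red Team, Cobalt Strike, C AV evasion, bypassAV, internal network penetration tools, exploitation, tool plugins, burpsuite plugins;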
Cu1in/RadomShell
Randomized AV evasion for the Powershell generated by Cobaltstrike. At best it can fully pass Virustotal
b1ackc4t/Assassin
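Assassin is a streamlined command-line webshell management tool. It has multiple payload delivery and encoding methods, as well as streamlined payload code, making it a covert assassin that is hard to defend against well.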
0range-x/Domain-penetration_one-stop
One-stop domain penetration
ORCA666/EVA3
using hellsgate in EVA to get the syscalls
secretsquirrel/SigThief
Stealing Signatures and Making One Invalid Signature at a Time
Rvn0xsy/BadCode
Malicious code evasion source code http://payloads.online
mai1zhi2/ShellCodeFramework
A shellcode AV evasion framework that bypasses ring 3