wh0amitz
Red Team / Offensive Security. Web Security / Windows Active Directory / Post Exploitation
nt authority\systemBeijing
wh0amitz's Stars
TideSec/TscanPlus
一款综合性网络安全检测和运维工具,旨在快速资产发现、识别、检测,构建基础资产信息库,协助甲方安全团队或者安全运维人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
ShiHuang-ESec/EHole
EHole(棱洞)-红队重点攻击系统指纹探测工具
outflanknl/Recon-AD
Recon-AD, an AD recon tool based on ADSI and reflective DLL’s
Daybr4ak/ShiroScan
burp插件 ShiroScan 主要用于框架、无dnslog key检测
S3cur3Th1sSh1t/WinPwn
Automation for internal Windows Penetrationtest / AD-Security
Ivan1ee/NET-Deserialize
总结了20+.Net反序列化文章,持续更新
dafthack/DomainPasswordSpray
DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will automatically generate the userlist from the domain. BE VERY CAREFUL NOT TO LOCKOUT ACCOUNTS!
pen4uin/java-memshell-generator
一款支持高度自定义的 Java 内存马生成工具|A highly customizable Java memory-shell generation tool.
jfjallid/go-smb
A client library to interact with Windows RPC services such as MS-SRVS and MS-RRP.
NetSPI/PowerHuntShares
PowerHuntShares is an audit script designed in inventory, analyze, and report excessive privileges configured on Active Directory domains.
xaitax/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability
Microsoft-Outlook-Remote-Code-Execution-Vulnerability
salomonelli/best-resume-ever
:necktie: :briefcase: Build fast :rocket: and easy multiple beautiful resumes and create your best CV ever! Made with Vue and LESS.
SpecterOps/BloodHound
Six Degrees of Domain Admin
BloodHoundAD/SharpHound
C# Data Collector for BloodHound
achuna33/Memoryshell-JavaALL
收集内存马打入方式
Kudaes/Elevator
UAC bypass by abusing RPC and debug objects.
lufeirider/CVE-2019-2725
CVE-2019-2725 命令回显
zhaoyumi/WeaverExploit_All
泛微最近的漏洞利用工具(PS:2023)
wyzxxz/shiro_rce_tool
shiro 反序列 命令执行辅助检测工具
chaitin/xpoc
为供应链漏洞扫描设计的快速应急响应工具 [快速应急] [漏洞扫描] [端口扫描] [xray2.0进行时] A fast emergency response tool designed for supply chain vulnerability scanning.
threedr3am/ZhouYu
(周瑜)Java - SpringBoot 持久化 WebShell 学习demo(不仅仅是SpringBoot,适合任何符合JavaEE规范的服务)
SuxueCode/WechatBakTool
基于C#的微信PC版聊天记录备份工具,提供图形界面,解密微信数据库并导出聊天记录。
ffuf/ffuf
Fast web fuzzer written in Go
SexyBeast233/SecDictionary
实战沉淀字典
byt3bl33d3r/CrackMapExec
A swiss army knife for pentesting networks
c0ny1/jsEncrypter
一个用于前端加密Fuzz的Burp Suite插件
chatchat-space/Langchain-Chatchat
Langchain-Chatchat(原Langchain-ChatGLM, Qwen 与 Llama 等)基于 Langchain 与 ChatGLM 等语言模型的 RAG 与 Agent 应用 | Langchain-Chatchat (formerly langchain-ChatGLM), local knowledge based LLM (like ChatGLM, Qwen and Llama) RAG and Agent app with langchain
THUDM/ChatGLM3
ChatGLM3 series: Open Bilingual Chat LLMs | 开源双语对话语言模型
BloodHoundAD/BloodHound
Six Degrees of Domain Admin
61106960/adPEAS
Powershell tool to automate Active Directory enumeration.