Pinned Repositories
ADCollector
A lightweight tool to quickly extract valuable information from the Active Directory environment for both attacking and defending.
AlternativeShellcodeExec
Alternative Shellcode Execution Via Callbacks
Ares-RedTeam_Box
Ares RedTeam_Box 是一款面相非初级网络渗透者,可高度自定义化的工具。
cDogScan
多服务口令爆破、内网常见服务未授权访问探测,端口扫描
ChineseCommandExec
go语言执行命令中文乱码解决
crossCompile
go 交叉编译工具
GoLib
GoLib 适用于扫描器的go库
hihttps
hihttps是一款完整源码的高性能web应用防火墙,既支持传统WAF的所有功能如SQL注入、XSS、恶意漏洞扫描、密码暴力破解、CC、DDOS等ModSecurity正则规则,又支持无监督机器学习,自主对抗未知攻击。
JSP-Webshells
Collect JSP webshell of various implementation methods. 收集JSP Webshell的各种姿势
sqli-labs-master
sql注入必练习题目
workcha's Repositories
workcha/EvilClippy
A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro analysis tools. Runs on Linux, OSX and Windows.
workcha/ListRDPConnections
C# 读取本机对外RDP连接记录和其他主机对该主机的连接记录,从而在内网渗透中获取更多可通内网网段信息以及定位运维管理人员主机
workcha/BlueShell
红蓝对抗跨平台远控工具
workcha/AVIator
Antivirus evasion project
workcha/GRAT2
We developed GRAT2 Command & Control (C2) project for learning purpose.
workcha/meterpreter-av-bypass
Bypass Windows Defender with py2exe from memory.
workcha/Venom
Venom - A Multi-hop Proxy for Penetration Testers
workcha/Pentest_Note
渗透测试常规操作记录
workcha/java-object-searcher
java内存对象搜索辅助工具
workcha/lightmist
Basic windows windows payload obfuscation in D for AV bypass
workcha/MS17-010
An EternalBlue exploit implementation in pure go
workcha/SharpC2
.NET C2 Framework Proof of Concept
workcha/SharpChromium
.NET 4.0 CLR Project to retrieve Chromium data, such as cookies, history and saved logins.
workcha/WebSocketRemoteControl
Remote Control With WebSocket
workcha/CcRemote
这是一个基于gh0st远程控制的项目,使自己更深入了解远控的原理,采用VS2017,默认分支hijack还在修改不能执行,master分支的项目可以正常的运行的,你可以切换到该分支查看可以执行的代码
workcha/GetPwd
用CSharp写的一款信息搜集工具,目前支持Navicat、TeamView、Xshell、SecureCRT产品的密码解密
workcha/ligolo
Reverse Tunneling made easy for pentesters, by pentesters https://sysdream.com/
workcha/Telegra_Csharp_C2
Command and Control for C# Writing
workcha/Direct-Syscall
Simple AV/EDR bypass technique using direct syscall.
workcha/WeblogicEnvironment
Weblogic环境搭建工具
workcha/xss_flash
Xss之Flash钓鱼
workcha/darkarmour
Windows AV Evasion
workcha/CrackSleeve
破解CS4.0
workcha/xinhu
信呼,免费开源的办公OA系统,包括APP,pc上客户端,REIM即时通信,服务端等,让每个企业单位都有自己的办公系统。
workcha/BypassShell
anti AV
workcha/MoveKit
Cobalt Strike kit for Lateral Movement
workcha/CVE-2019-0708-EXP-Windows
CVE-2019-0708-EXP-Windows版单文件exe版,运行后直接在当前控制台反弹System权限Shell
workcha/firehttp
一个专门用于开发安全工具的HTTP类库.
workcha/SharpSQLDump
内网渗透中快速获取数据库所有库名,表名,列名。具体判断后再去翻数据,节省时间。适用于mysql,mssql。
workcha/fuckcdn
全网扫描找出真实IP