Pinned Repositories
AceLdr
Cobalt Strike UDRL for memory scanner evasion.
Android-InsecureBankv2
Vulnerable Android application for developers and security enthusiasts to learn about Android insecurities
android_virtual_cam
Android virtual camera built on an Xposed hook
Anonymous
AntiFrida_Bypass
Generic Script To Bypass Some AntiFrida Checks
autoDecoder
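Burp plugin that processes packets according to custom rules (suitable for encryption/decryption, brute forcing, etc.). Similar to mitmproxy, except that traffic is relayed through Burp, so automatic encryption and decryption does not affect the normal encryption/decryption logic of the app or website.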
BEAR
Bear C2 is a compilation of C2 scripts, payloads, and stagers used in simulated attacks by Russian APT groups. Bear features a variety of encryption methods, including AES, XOR, DES, TLS, RC4, RSA and ChaCha, to secure communication between the payload and the operator machine.
Blasting_dictionary
Brute-force wordlists
BypassAntiVirus
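A series of articles on antivirus evasion for remote-access tools, with accompanying tools. It collects and tests dozens of AV-evasion tools found on the Internet, 113 allowlist-based evasion methods, 8 code-compilation evasion methods and several practical evasion techniques, testing the effectiveness of each one, as a reference for remote-access tool evasion and for antivirus countermeasures against it.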
cobaltstrike4.5_cdf
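Cracked cobaltstrike4.5 build: removes the checksum8 signature, bypasses BeaconEye, fixes the stage leak via an incorrect path, adds TOTP two-factor authentication, fixes CVE-2022-39197, and more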
xixikotete's Repositories
xixikotete/AceLdr
Cobalt Strike UDRL for memory scanner evasion.
xixikotete/Android-InsecureBankv2
Vulnerable Android application for developers and security enthusiasts to learn about Android insecurities
xixikotete/android_virtual_cam
Android virtual camera built on an Xposed hook
xixikotete/AntiFrida_Bypass
Generic Script To Bypass Some AntiFrida Checks
xixikotete/autoDecoder
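Burp plugin that processes packets according to custom rules (suitable for encryption/decryption, brute forcing, etc.). Similar to mitmproxy, except that traffic is relayed through Burp, so automatic encryption and decryption does not affect the normal encryption/decryption logic of the app or website.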
xixikotete/BEAR
Bear C2 is a compilation of C2 scripts, payloads, and stagers used in simulated attacks by Russian APT groups. Bear features a variety of encryption methods, including AES, XOR, DES, TLS, RC4, RSA and ChaCha, to secure communication between the payload and the operator machine.
xixikotete/BypassAntiVirus
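A series of articles on antivirus evasion for remote-access tools, with accompanying tools. It collects and tests dozens of AV-evasion tools found on the Internet, 113 allowlist-based evasion methods, 8 code-compilation evasion methods and several practical evasion techniques, testing the effectiveness of each one, as a reference for remote-access tool evasion and for antivirus countermeasures against it.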
xixikotete/cobaltstrike4.5_cdf
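Cracked cobaltstrike4.5 build: removes the checksum8 signature, bypasses BeaconEye, fixes the stage leak via an incorrect path, adds TOTP two-factor authentication, fixes CVE-2022-39197, and more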
xixikotete/CVE-2023-4863
xixikotete/evilgophish
evilginx2 + gophish
xixikotete/DEFCON-31-Syscalls-Workshop
Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".
xixikotete/ecapture
capture SSL/TLS text content without CA cert using eBPF. supports Linux/Android x86_64/Aarch64.
xixikotete/Erfrp
Erfrp: a fork of frp with AV evasion and hiding
xixikotete/go-cryptobin
Common encryption and decryption library for Go (RSA/SM2/ElGamal/Gost/AES/DES/TripleDes/SM4/Tea/Twofish)
xixikotete/gocheck
Because AV evasion should be easy.
xixikotete/Hook_WeChat_FaaS
Frida script for hooking WeChat cloud functions
xixikotete/InCloud
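Runs in GitHub Actions to automate, customize and execute software development workflows in a repository; features can be customized to your preference. InCloud already provides ten ready-made information-gathering and vulnerability-scanning workflows for different scenarios targeting network ranges and domains.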
xixikotete/jna
Java Native Access
xixikotete/MalwareSourceCode
Collection of malware source code for a variety of platforms in an array of different programming languages.
xixikotete/no-defender
A slightly more fun way to disable Windows Defender (through the WSC API).
xixikotete/pinduoduo_backdoor
Analysis of the privilege-escalation code embedded in the Pinduoduo APK and of its dynamically delivered dex files
xixikotete/Rust-for-Malware-Development
This repository contains my complete resources and coding practices for malware development using Rust 🦀.
xixikotete/safeline
Developed in-house by Chaitin Tech: a simple, easy-to-use free WAF built on industry-leading semantic-engine detection technology
xixikotete/smuggler
Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3
xixikotete/sperm
A collection of excellent reverse-engineering articles I have read, worth a look
xixikotete/taowu-cobalt-strike
xixikotete/Vulnerability-Wiki
A comprehensive vulnerability knowledge base built on docsify, currently with 800+ vulnerabilities
xixikotete/WeChatDevTools
Just drop in a single DLL: a simple, convenient hook that forces WeChat to open the mini program devtool
xixikotete/WeChatOpenDevTools
xixikotete/Yasso
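A powerful toolkit for assisting internal-network penetration testing: let Yasso run like the wind. Supports brute forcing of rdp, ssh, redis, postgres, mongodb, mssql, mysql, winrm and other services, fast port scanning, powerful web fingerprinting, and one-click exploitation of various built-in services (including fully interactive ssh login, mssql privilege escalation, redis one-click exploitation, mysql database queries, winrm lateral movement, and socks5 proxy support for exploiting multiple services)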