xnianq's Stars
jumpserver/jumpserver
An open-source PAM tool alternative to CyberArk. A widely popular open-source bastion host.
drduh/macOS-Security-and-Privacy-Guide
Guide to securing and improving privacy on macOS
qjfoidnh/BaiduPCS-Go
Built on the original iikira/BaiduPCS-Go, with integrated support for saving share links and rapid-upload links.
cseroad/Exp-Tools
A practical tool that integrates exploits for high-risk vulnerabilities
Accenture/Spartacus
Spartacus DLL/COM Hijacking Toolkit
knavesec/CredMaster
Refactored & improved CredKing password spraying tool, uses FireProx APIs to rotate IP addresses, stay anonymous, and beat throttling
qwqdanchun/Pillager
Pillager is an information-gathering tool for use during post-exploitation
myzxcg/RealBlindingEDR
Remove AV/EDR Kernel ObRegisterCallbacks, CmRegisterCallback, MiniFilter Callback, PsSetCreateProcessNotifyRoutine Callback, PsSetCreateThreadNotifyRoutine Callback, PsSetLoadImageNotifyRoutine Callback...
The-Viper-One/PsMapExec
A PowerShell tool that takes strong inspiration from CrackMapExec / NetExec
daem0nc0re/PrivFu
Kernel mode WinDbg extension and PoCs for token privilege investigation.
strivexjun/AheadLib-x86-x64
Hijack DLL source code generator. Supports x86/x64
FourCoreLabs/EDRHunt
Scan installed EDRs and AVs on Windows
hasherezade/transacted_hollowing
Transacted Hollowing - a PE injection technique, hybrid between ProcessHollowing and ProcessDoppelgänging
pykiller/API-T00L
API exploitation tool for internet vendors.
kohlersbtuh15/accesskey_tools
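AccessKey operations and security tools for various cloud providers such as Alibaba Cloud (aliyun), Tencent Cloud (tencentcloud), Huawei Cloud (huaweicloud) and AWS; AccessKey exploitation tools with features including but not limited to creating ECS instances, ECS queries and command execution, and OSS queries and bulk download; aws accesskey rce; remote command execute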
netero1010/GhostTask
A tool that employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.
tothi/dll-hijack-by-proxying
Exploiting DLL Hijacking by DLL Proxying Super Easily
irsl/curlshell
reverse shell using curl
ConsciousHacker/WFH
jpbetz/auger
Directly access data objects stored in etcd by kubernetes.
0xlane/wechat-dump-rs
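This tool exports the key from a running WeChat process and automatically decrypts all WeChat database files; it also supports offline decryption of database files once the key has been exported.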
7BitsTeam/EDR-Bypass-demo
Some demos to bypass EDRs or AVs by 78itsT3@m
joeavanzato/Trawler
PowerShell script to help Incident Responders discover potential adversary persistence mechanisms.
memN0ps/srdi-rs
Rusty Shellcode Reflective DLL Injection (sRDI) - A 4KB reflective loader for Position-Independent Code (PIC) generation in Rust (Codename: Venom)
MzzdToT/HAC_Bored_Writing
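Batch-scanning PoCs and exploits for various vulnerabilities, covering unauthorized access, RCE, file upload, SQL injection, information disclosure, and more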
Binject/binjection
Injects additional machine instructions into various binary formats.
Ridter/TorProxy
Sets up a SOCKS5 proxy over Tor with dynamic IP switching
YDHCUI/rustdesk
Remote desktop software modified from rustdesk, with the agent component split out
ewby/Mockingjay_BOF
Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique
EddieIvan01/rustdesk-hvnc
HVNC based on RustDesk