PE to shellcode

内网资产收集、探测主机存活、端口扫描、域控定位、文件搜索、各种服务爆破（SSH、SMB、MsSQL等）、Socks代理，一键自动化+无文件落地扫描

The container escape challenge of Be A RWCTFer competition (https://be-a-rwctfer.realworldctf.com/)

微信收藏的文章

Nacos JRaft Hessian 反序列化 RCE 加载字节码 注入内存马 不出网利用

windows-kernel-exploits Windows平台提权漏洞集合

POC to replicate the full 'Follina' Office RCE vulnerability for testing purposes

Python codes of my blog.

Trying to tame the three-headed dog.

GitHub repository for sysadmin related tools

《The Way to Go》中文译本，中文正式名《Go 入门指南》

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞验证功能

一个漏洞扫描器粘合剂,添加目标后30款工具自动调用；支持 web扫描、系统扫描、子域名收集、目录扫描、主机扫描、主机发现、组件识别、URL爬虫、XRAY扫描、AWVS自动扫描、POC批量验证，SSH批量测试、vulmap。

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本，最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-…

Vulnerability Exploitation Code Collection Repository

An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR

Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.

Starkiller is a Frontend for PowerShell Empire.

Empire is a PowerShell and Python post-exploitation agent.

中国蚁剑后渗透框架

利用图形化识别技术快速关闭目标机器上的杀毒软件

高颜值的第三方网易云播放器，支持 Windows / macOS / Linux

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous …

Watchdog是bayonet修改版，重新优化了数据库及web及扫描程序,加入多节点

The python client of passivedns.cn

Shiro<=1.2.4反序列化，一键检测工具

This repository holds all the list of advanced XSS payloads that can be used in penetration testing. These payloads can be loaded into XSS scanners as well.

CTF framework and exploit development library in python3 (pwntools and binjitsu fork)