This repo contains PoCs for vulnerable Windows drivers.

NPort is a powerful, lightweight ngrok alternative that creates secure HTTP/HTTPS tunnels from your localhost to public URLs using Cloudflare's global edge network. No configuration, no accounts, j…

Full Toolkit for Next-Level Domain Analysis

Production-ready implementation of InvisPose - a revolutionary WiFi-based dense human pose estimation system that enables real-time full-body tracking through walls using commodity mesh routers

MITM proxy for TCP/TLS/DTLS/UDP traffic, with STARTTLS, IoT, Thick Client and more.

The dragon in the dark. A red team post exploitation framework for testing security controls during red team assessments.

New 0 day vulnerability allowing to leak NTLM hashes from browsers with one click

Windows 权限提升 BadPotato

Remote video eavesdropping using a software-defined radio platform

ASP.NET(Webform) VIEWSTATE反序列化漏洞批量识别脚本

Vulnerability scanner written in Go which uses the data provided by https://osv.dev

Suspend the process, inject/write the payload (PE mapping), and then resume the process.

tun2socks - powered by gVisor TCP/IP stack

IoM implant, C2 Framework and Infrastructure

Linux权限维持

Collection of BOFs created for red team/adversary engagements. Created to be small and interchangeable, for quick recon or eventing.

Lab used for workshop and CTF

LibWinHttp is a simplified WinHTTP wrapper designed as a Crystal Palace shared library for implant development. Its primary purpose is to facilitate the development of PICO modules that require HTT…

Cybersecurity AI (CAI), the framework for AI Security

Conquest is a feature-rich and malleable command & control/post-exploitation framework developed in Nim.

使用http搭建隧道的形式从外网访问内网资源

Clean network diagrams. One-time setup, zero upkeep.

Lightweight binary that joins a device to a Tailscale network and exposes a local SOCKS5 proxy. Designed for red team operations and ephemeral access into restricted environments using Tailscale’s …

HeapDump敏感信息提取工具

Stealthy Linux Kernel Rootkit for modern kernels (6x)

Comfortably monitor your Internet traffic 🕵️‍♂️

A DNS Monitor, leveraging Apple's NEDNSProxyProvider/Network Extension Framework

Windows应急响应工具---Hawkeye(鹰眼)。集Windows日志分析，进程扫描，主机信息于一体的综合应急响应分析工具