Stars
Getting started with static program analysis. 静态程序分析入门教程。
Define and run pattern-based custom linting rules.
PowerShell toolkit for AD CS auditing based on the PSPKI toolkit.
Red Team Cheatsheet in constant expansion.
Capturing SSL/TLS plaintext without a CA certificate using eBPF. Supported on Linux/Android kernels for amd64/arm64.
The cheat sheet about Java Deserialization vulnerabilities
SonarQube Licensecheck Plugin
A plugin for generating reports about the licenses of third party software using Gradle
The Discretionary ACL Modification Project: Persistence Through Host-based Security Descriptor Modification
A repository that maps commonly used attacks using MSRPC protocols to ATT&CK
A root exploit for CVE-2022-0847 (Dirty Pipe)
A tool mainly to erase specified records from Windows event logs, with additional functionalities.
MDISEC Twitch topluluğu olarak OSCE hazırlık materyallerinin listelendiği repo.
Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.
From an account member of the group Backup Operators to Domain Admin without RDP or WinRM on the Domain Controller
Tool for Active Directory Certificate Services enumeration and abuse
Suricata IDS rules 用来检测红队渗透/恶意行为等,支持检测CobaltStrike/MSF/Empire/DNS隧道/Weevely/菜刀/冰蝎/挖矿/反弹shell/ICMP隧道等
Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
Generates analysis reports from SonarQube web API.
Open source Swift plugin for SonarQube (also supports Objective-C)
SharpGPOAbuse is a .NET application written in C# that can be used to take advantage of a user's edit rights on a Group Policy Object (GPO) in order to compromise the objects that are controlled by…
PDF补丁丁——PDF工具箱,可以编辑书签、剪裁旋转页面、解除限制、提取或合并文档,探查文档结构,提取图片、转成图片等等