My experiments in weaponizing Nim (https://nim-lang.org/)

SpringBoot 相关漏洞学习资料，利用方法和技巧合集，黑盒安全评估 check list

一款内网综合扫描工具，方便一键自动化、全方位漏扫扫描。

哥斯拉

CVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit

一款可以在不出网的环境下进行反向代理及cs上线的工具

[CVE-2021-22123] Fortinet FortiWeb Authenticated OS Command Injection

windows-kernel-exploits Windows平台提权漏洞集合

Proof of concept for abusing SeLoadDriverPrivilege (Privilege Escalation in Windows)

Cobalt Strike Malleable C2 Design and Reference Guide

Stealing Signatures and Making One Invalid Signature at a Time

Some notes and examples for cobalt strike's functionality

This is the list of all rootkits found so far on github and other sites.

xray社区高级版证书生成，仅供学习研究，正常使用请支持正版。removed due to Chaitin requirements & support to version 1.4.4 & learning purpose

UAC bypass, Elevate, Persistence methods

红队基础设施自动化部署工具

Pwn stuff.

RAT And C&C Resources. 250+ Open Source Projects, 1200+ RAT/C&C blog/video.

Practice Go programming and implement CobaltStrike's Beacon in Go

[Tool] Forge PHP FastCGI protocol to RCE with strict disable_functions

Tiny SHell is an open-source UNIX backdoor.

SuperDllHijack：A general DLL hijack technology, don't need to manually export the same function interface of the DLL, so easy! 一种通用Dll劫持技术，不再需要手工导出Dll的函数接口了

WINDOWS TELEMETRY权限维持

2018年初整理的一些内网渗透TIPS，后面更新的慢，所以整理出来希望跟小伙伴们一起更新维护~

BypassAV ShellCode Loader (Cobaltstrike/Metasploit)

MSBuildShell, a Powershell Host running within MSBuild.exe

“冰蝎”动态二进制加密网站管理客户端