基础反检测 frida-server / Basic anti-detection frida-server

Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wis…

Stealthy In-Memory Local Password Harvester (SILPH) tool: dump LSA, SAM and DCC2 with indirect syscall

Dump LSASS via physical memory read primitives in vulnerable kernel drivers

Malicious PixelCode is a security research project that demonstrates a covert technique for encoding executable files into pixel data and storing them inside images or videos. A lightweight loader …

Generate Frida bypass scripts for Android APK root and SSL checks.

Scan for secrets, endpoints, and other sensitive data after decompiling and deobfuscating Android files. (.apk, .xapk, .dex, .jar, .class, .smali, .zip, .aar, .arsc, .aab, .jadx.kts).

一款预封装的CTF/渗透测试用虚拟机

Complete toolkit for the 30 Days of Red Team series — reconnaissance, weaponization, delivery, exploitation, and defense modules for ethical red team simulation.

This script will scrape LinkedIn based on company IDs and will return ALL names associated with the searcht. You can then take these names and use cut or awk to format into emails.

Interact with Frida devices, processes, and scripts directly from your browser.

Red team Interview Questions

SploitScan is a sophisticated cybersecurity utility designed to provide detailed information on vulnerabilities and associated exploits.

Automatically Collect POC or EXP from GitHub by CVE ID.

game of active directory

Automate the creation of a lab environment complete with security tooling and logging best practices

Small and highly portable detection tests based on MITRE's ATT&CK.

PowerShell Obfuscator

Example reports from prior years of the Collegiate Penetration Testing Competition

A list of public penetration test reports published by several consulting firms and academic security groups.

Zero trust. Zero security. Total exposure. A deliberately vulnerable health tech platform with AI Chatbot for learning about application security and ethical hacking. It contains vulnerabilities fr…

OSCP Cheat Sheet

GUI for apktool, signapk, zipalign and baksmali utilities.

Wordlists for creating statistically likely username lists for use in password attacks and security testing